How to Bypass Egypt’s WireGuard Ban

By | February 9, 2022

In 2021, the WireGuard VPN protocol became so popular in Egypt that it was honored to be included in the block list, indescribably “delighting” not only customers of Cloudflare Warp+, Mullvad Wireguard and other commercial VPN providers, but also some corporate VPN users. Preliminary research has shown that DPI targets WireGuard Handshake Initiate packets that have a fixed… Read More »

Dante in Oracle Cloud

By | January 18, 2022

Here is a guide on how to create a personal Always Free SOCKS5 anonymous proxy supporting UDP ASSOCIATE (RFC1928) in Oracle Cloud. I created this memo for myself while setting up SOCKS5 proxy to experiment with forwarding WireGuard handshake packets over SOCKS5. But after some thought, I decided to share it with the community. My choice was Dante,… Read More »

BoringTun based WireGuard client for Windows

By | October 31, 2021

In early 2019, Cloudflare introduced BoringTun, an implementation of the WireGuard protocol written in Rust. The project code is distributed under the BSD-3-Clause license and consists of two main parts: The executable boringtun, an userspace WireGuard implementation for Linux and macOS. The library boringtun that can be used to implement fast and efficient WireGuard client apps on various platforms, including iOS and… Read More »

Securing Remote Desktop with SSH

By | March 29, 2020

Covid-19 led to a globe-wide work-from-home experiment, and it is logical to expect the growing number of users accessing their computers remotely using Remote Desktop. Having an RDP port open to the Internet is generally considered insecure, and most of the security experts advise using VPN or/and two-factor authentication to improve the security. Here we will review an… Read More »

“Failed to install WinpkFilter NDIS LWF driver with error 0x800700b7” or critical value of driver customization

By | January 22, 2018

One of our customers has recently reported that WinpkFilter installation has failed with error code 0x800700b7. This was the first report mentioning such error code, and we have spent some time to research the issue at a customer side. Such behavior seems to be worth mentioning in a dedicated post. 0x800700b7 error code can be decoded as ERROR_ALREADY_EXISTS.… Read More »

Microsoft Edge and ProtectedHomepages

By | May 11, 2016

Recently, I have had a small but curious research project with the requirement to decrypt ProtectedHomepages binary value stored under [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected – It is a violation of Windows Policy to modify. See aka.ms/browserpolicy]. While googling around the problem, I have seen a related question on Stack Overflow, so I decided that it may have sense to share… Read More »

Windows Packet Filter and Gigabit networks

By | April 6, 2016

There is a very popular and important question about Windows Packet Filter: “Can I handle Gigabit traffic in WinpkFilter user-mode application without noticeable performance degradation?”. I was asked rather frequently and usually, my answer starts with “that depends…” followed up by various performance related considerations and ends with a sentence “if you need maximum possible performance then consider… Read More »