npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

ahj

v0.1.1

Published

American Headset Jack

Downloads

2

Readme

ahj - American Headset Jack, or whatever you want to call it, really

This is a weird obfuscated network protocol that was originally meant to be part of a VPN. It was designed with the existence of advanced DPI in mind and is meant to be as difficult to identify as possible.

The name makes no sense

Yep. It was a sequence of 3 random letters and something completely irrelevant.

How to use

Documentation will be made soon. For now, see jsdoc.

For examples, see test/client.js and test/server.js.

To generate configuration:

  1. bin/generate-config.js <host> <port> to generate server configuration
    The output should be saved to serverconfig.json or a similarly named file

  2. bin/generate-verifier.js to generate salt and verifier
    The verifier will be used by the server to authenticate clients

  3. bin/adduser.js to add client to server configuration and to generate a configuration template for the client
    If a path to the server configuration is not given as the first argument, serverconfig.json will be used

WIP documentation

Protocol features

  • Complete encryption of the protocol using AEAD, including the handshake
  • Authentication and support of multiple users via SRP
  • N:M multiplexing of connections, where any number of connections can occur over any non-zero amount of carrier connections
  • Carrier connections can be opened or closed at any time as long as one connection remains to hold the session open
  • Length randomization, where the length of messages sent over the wire are independent from the length of messages on top of the protocol except for approximate closeness
  • Out-of-order delivery, where messages are likely to be delivered out of order but are reassembled at the endpoint
  • Message-oriented, and therefore able to transfer message-based protocols such as UDP without additional wrapping

Why not shadowsocks?

Shadowsocks seems to be the most popular censorship circumvention tool currently in use. However, it has one major issue: each "real" connection corresponds to one proxied connection. This could potentially result in:

  • Fingerprinting by connection patterns
    A DPI firewall may be able to classify traffic as using shadowsocks if it can recognize specific patterns in connections. For example, if several short-lived connections happen to the same port and all receive substantially more data than they send, the DPI system may conclude HTTP traffic is being sent over shadowsocks.
  • Fingerprinting by diversity
    If a DPI system observes several short-lived connections but one long-lived connection to the same port which in contrast sends very little data, the DPI may conclude such traffic is HTTP mixed with websockets, and identify such traffic as belonging to shadowsocks.
  • Fingerprinting by data patterns
    A DPI system may be able to recognize specific protocols running over shadowsocks by observing the patterns of which data is sent between the client and server. For example, if a connection is opened, several small messages are exchanged (TLS handshake then HTTP request), then the server sends a large amount of data to the client, and then the connection is closed, the DPI may be able to recognize a TLS connection occuring within a tunnel.

This project aims to lessen these problems by completely decoupling underlying connections from connections happening over the protocol. One HTTP request may end up being split across 2 connections, or perhaps combined with other requests, or both. Persistent connections (such as websockets or ordinary TCP) may end up having been sent over a large number of seemingly independent connections. The carrier connections themselves could be short-lived or kept open for a long time, or a mixture of both.