June 28, 2006

"Ignoring the Great Firewall of China"

[Echoed for a good cause]

Ignoring the Great Firewall of China

Richard Clayton, Steven J. Murdoch, and Robert N. M. Watson

Abstract. The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall's resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.
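The mechanism the abstract describes can be seen in a small simulation. The following is an added illustration, not code from the paper or from this blog post: a toy middlebox forwards every segment unchanged and, on a keyword hit, additionally injects a reset towards each endpoint. Two endpoint behaviours are compared, one that tears the connection down on RST and one that ignores it. The `Segment`, `Endpoint` and `KeywordFirewall` classes, the keyword list and the request strings are all constructed for the example and stand in for real TCP stacks and inspection hardware.

```python
"""Toy model of keyword-triggered TCP reset injection.

Constructed example: it models the behaviour described in the abstract above
(segments pass through unscathed; a keyword hit triggers a RST to both ends)
and is not code from the paper, the authors or the blog post."""
from dataclasses import dataclass, field
from typing import Dict, List

RST = "RST"   # flag on an injected reset segment
PSH = "PSH"   # ordinary data-carrying segment


@dataclass
class Segment:
    src: str
    dst: str
    flag: str
    payload: str = ""


@dataclass
class Endpoint:
    name: str
    ignore_resets: bool          # True models the evasion the abstract describes
    is_open: bool = True
    received: List[str] = field(default_factory=list)

    def deliver(self, seg: Segment) -> None:
        if seg.flag == RST:
            if not self.ignore_resets:
                self.is_open = False   # a conventional stack closes on RST
            return
        if self.is_open:
            self.received.append(seg.payload)


class KeywordFirewall:
    """Forwards each segment unchanged; on a keyword match it also emits one
    spoofed RST in each direction, as the abstract describes."""

    def __init__(self, keywords) -> None:
        self.keywords = [k.lower() for k in keywords]
        self.resets_sent = 0

    def forward(self, seg: Segment) -> List[Segment]:
        out = [seg]                      # the original segment always goes through
        if seg.flag == PSH and any(k in seg.payload.lower() for k in self.keywords):
            out.append(Segment(seg.dst, seg.src, RST))   # looks like it came from dst
            out.append(Segment(seg.src, seg.dst, RST))   # looks like it came from src
            self.resets_sent += 2
        return out


def run_connection(ignore_resets: bool, keywords=("blockedword",)) -> Dict[str, object]:
    """Push a constructed request stream from client to server through the
    firewall and report what the server saw and whether the connection survived."""
    client = Endpoint("client", ignore_resets)
    server = Endpoint("server", ignore_resets)
    hosts = {"client": client, "server": server}
    fw = KeywordFirewall(keywords)
    # constructed requests: the second one carries a keyword on the block list
    requests = [
        "GET /weather HTTP/1.0",
        "GET /search?q=blockedword HTTP/1.0",
        "GET /news HTTP/1.0",
    ]
    for text in requests:
        for s in fw.forward(Segment("client", "server", PSH, text)):
            hosts[s.dst].deliver(s)
    return {
        "resets_sent": fw.resets_sent,
        "server_received": list(server.received),
        "connection_open": client.is_open and server.is_open,
    }


if __name__ == "__main__":
    for mode in (False, True):
        print("ignore_resets=%s -> %s" % (mode, run_connection(mode)))
```

In both runs the firewall injects exactly two resets and the keyword-bearing request itself still reaches the server, because the original segment is forwarded before the resets arrive. Only the endpoints that honour the RST lose the third request; endpoints that ignore it keep the connection open. The model deliberately omits what happens to later connections from the same host, which the abstract mentions but does not detail.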

But see the comments in the blog post thread:


Particularly the claim it doesn't work in practice:


By Seth Finkelstein | posted in censorware | on June 28, 2006 11:59 PM (Infothought permalink)