Researchers brake China's Firewall

Posted on Tuesday, Jul 04 2006 @ 00:39 CEST by Thomas De Maesschalck
Computer experts from the University of Cambridge found a way to breach the Great Firewall of China. Additionally, they also discovered a way to use the firewall to launch a denial of service attack against specific IP addresses in China.
The firewall, which uses routers supplied by Cisco, works in part by inspecting Web traffic for certain keywords that the Chinese Government wish to censor, including political ideologies and groups it finds unacceptable.

The Cambridge research group tested the firewall by firing data packets containing the word "Falun" at it, a reference to the banned Falun Gong religious group. The researchers found that it was possible to circumvent the Chinese intrusion detection systems (IDS) by ignoring the forged transmission control protocol (TCP) resets injected by the Chinese routers, which would normally force the endpoints to abandon the connection.

"The machines in China allow data packets in and out, but send a burst of resets to shut connections if they spot particular keywords," explained Richard Clayton of the University of Cambridge computer laboratory. "If you drop all the reset packets at both ends of the connection, which is relatively trivial to do, the Web page is transferred just fine."
More info over at ZD Net.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments