Cracked: The Great Firewall of China

by admin July 4, 2006 at 7:23 am

Cambridge computer experts decode censorship system…

Computer experts from the University of Cambridge claim not only to have breached the Great Firewall of China but to have found a way to use the firewall to launch denial of service attacks against specific IP addresses in the country.

The firewall, which uses routers supplied by Cisco, works in part by inspecting web traffic for certain keywords the Chinese government wish to censor, including political ideologies and groups it finds unacceptable.

The Cambridge research group tested the firewall by firing data packets containing the word “Falun” at it, a reference to the banned Falun Gong religious group. The researchers found it was possible to circumvent the Chinese intrusion detection systems (IDS) by ignoring the forged TCP resets injected by the Chinese routers, which would normally force the endpoints to abandon the connection.

Richard Clayton of the University of Cambridge computer laboratory explained: “The machines in China allow data packets in and out but send a burst of resets to shut connections if they spot particular keywords. If you drop all the reset packets at both ends of the connection, which is relatively trivial to do, the web page is transferred just fine.”

Clayton added this means the Chinese firewall can be used to launch denial of service attacks against specific IP addresses within China, including those of the Chinese government itself.

Full story: silicon.com