tailieunhanh - Ignoring the Great Firewall of China

Richard Clayton, Steven J. Murdoch, and Robert N. M. Watson

University of Cambridge, Computer Laboratory, William Gates Building, 15 JJ Thomson Avenue, Cambridge CB3 0FD, United Kingdom

Abstract. The so-called Great Firewall of China operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall's resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.

1 Introduction

The People's Republic of China operates an Internet filtering system which is widely considered to be one of the most sophisticated in the world [9]. It works, in part, by inspecting web (HTTP) traffic to determine if specific keywords are present [8]. These keywords relate to matters such as groups that the Chinese Government has banned, political ideologies that they consider unacceptable and historical events that the regime does not wish to have discussed.

It is straightforward to determine that the keyword-based blocking is occurring within the routers that handle the connections between China and the rest of the world [14]. These routers use devices based upon intrusion detection system (IDS) technology to determine whether the content of packets matches the Chinese Government's filtering rules. If a connection from a client to a webserver is to be blocked, then the router injects forged TCP resets (with the RST flag bit set) into the data streams so that the endpoints will abandon the connection. Once blocking has begun it
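Because the original packets pass through unscathed, a reset injected by a middlebox shows up in a packet capture as an RST after which the supposed sender keeps delivering in-sequence data. The following is an added example, not code from the paper: the trace, addresses and the function name `find_injected_resets` are constructed for illustration, and sequence-number wraparound and retransmissions are ignored.

```python
from collections import namedtuple

# One captured TCP segment as seen at the client (constructed sample format).
Pkt = namedtuple("Pkt", "t src sport dst dport flags seq length")

C, S1, S2 = "10.0.0.2", "192.0.2.10", "198.51.100.7"  # constructed addresses
TRACE = [
    # Flow A: an RST "from" the server, yet server data keeps arriving.
    Pkt(0.00, C, 40001, S1, 80, "S", 1000, 0),
    Pkt(0.05, S1, 80, C, 40001, "SA", 5000, 0),
    Pkt(0.06, C, 40001, S1, 80, "PA", 1001, 120),
    Pkt(0.08, S1, 80, C, 40001, "R", 5001, 0),
    Pkt(0.11, S1, 80, C, 40001, "PA", 5001, 512),
    Pkt(0.12, S1, 80, C, 40001, "PA", 5513, 300),
    # Flow B: an ordinary reset, after which the server stays silent.
    Pkt(1.00, C, 40002, S2, 80, "S", 2000, 0),
    Pkt(1.04, S2, 80, C, 40002, "SA", 9000, 0),
    Pkt(1.05, C, 40002, S2, 80, "PA", 2001, 80),
    Pkt(1.09, S2, 80, C, 40002, "R", 9001, 0),
]


def find_injected_resets(trace):
    """Return directional flows (src, sport, dst, dport) where an RST was
    followed by in-sequence payload from the same sender, i.e. the real
    endpoint never reset and the RST was forged on the path."""
    next_seq = {}    # directional flow -> next expected sequence number
    reset_seen = set()
    suspicious = []
    for p in sorted(trace, key=lambda p: p.t):
        key = (p.src, p.sport, p.dst, p.dport)
        if "R" in p.flags:
            reset_seen.add(key)
            continue
        in_sequence = p.seq == next_seq.get(key)
        if key in reset_seen and p.length > 0 and in_sequence:
            if key not in suspicious:
                suspicious.append(key)
        # SYN and FIN each consume one sequence number, payload its length.
        consumed = p.length + (1 if "S" in p.flags or "F" in p.flags else 0)
        if consumed:
            next_seq[key] = p.seq + consumed
    return suspicious


if __name__ == "__main__":
    for flow in find_injected_resets(TRACE):
        print("RST followed by in-sequence data from", flow)
```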
