Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
GFW The Great Firewall of China Ruiwei Bu CSC 540 What? • Part of China’s “Golden Shield” Project • A huge firewall that covers mainland China • Focusing on Internet Security, Control and CENSORSHIP • Name from The Great Firewall of China by Charles R. Smith, May 2012 • Started in 1998 • Famous for the block of Twitter, Facebook, Google and so on Who? • The Chinese Government • Binxing Fang - Father of the GFW • Xiong Gang, Meng Jiao, Cao Zi-gang, Wang Yong, Guo Li, Fang Binxing, Research Progress and Prospects of Network Traffic Classification. Journal of Integration Technology, Vol 1, May, 2012. • Hardware: CISCO and others • Software: Companies and Top University research labs Where? • Major Devices: ISP backbone and International Gateway • Physical Location: Unclear, deployed allover China • Mongol.py TargetContent), such • UGC (User Generated as Twitter, Facebook, ... • Information related to Chinese Government and Politics, such as Tibetan issue • Opinions that go against the government • Cults, such as Falun Gong • Nation Security • “Random” Websites, such as Github, An Interesting Fact • Top UGC websites maybe blocked, such as Twitter, Facebook and Youtube • There are clones in China for all blocked UGC sites. • Twitter - Sina Weibo, Fanfou, ... • Facebook - Renren, ... • Youtube - Tudou, Youku, ... • Seems no-one cares about not-sofamous ones, such as Path Typical Route Abilities • IP Blocking • DNS Injection and Pollution • URL Filtering • Content Filtering and Censorship • Network Traffic Analysis • Interfere Secure Connections • Record user activities • Network Security IP and URL Blocking • Most Simple Method DNS Injection and Pollution • /etc/hosts • Change DNS server, such as 8.8.8.8 or OpenDNS But... • Still can be polluted even use DNS outside of the GFW • DNS attacks returns RST packet before the DNS server returns the address • And the result is “Connection Reset” • Can harm the entire Internet • Anonymous: The collateral damage of internet censorship by DNS injection. CCR July 2012. URL/Content Filtering • Can be triggered by any potential keyword in a unknown blacklist. Especially when searching with Google. • Usually blocks you 10-30 minutes URL/Content Filtering • The name of the formal Chinese president is Hu Jintao (胡锦涛), but when you search carrot (胡萝卜) in Google in mainland China.... Others • SSL Certificate Filtering and Faking • Github’s certificate was replaced by a self-signed certificate in Spring 2013 • Fake Tor Nodes and obfs bridge probe and block • • ... https://blog.torproject.org/blog/tor-partially-blocked-china Solutions? • Host Modification • Proxy • VPN Host Modification • /etc/hosts • %SystemRoot%/System32/drivers/etc/h osts • Most simple but not always work • Can block IP directly Proxy • Tunnel Proxy • Forward Proxy • Reverse Proxy • Open Proxy Online Proxies • Websites, so easy to use • Not safe and secure at all • Can be detected Proxy Softwares • Freegate, Wujie • Who’s the funder? • Tor project • Onion Network • .onion pseudo top-level domain • crimes - Silk Road and so on • GoAgent (Google App Engine as Proxy) • Maybe unsafe and unsecure Tunnel Proxies • Usually deployed on private servers, such as VPS and GAE • Private and Safe, under full control by yourself • Requires advanced networking skills • SSH (Secure Shell) Tunnel and Port Forwarding, 80, 443! • VPS servers or IP segments maybe blocked • Network Traffic Analysis VPN • PPTP (Point-to-Point Protocol) • L2TP (Layer Two Tunneling Protocol) • More secure • OpenVPN • Maybe the best on desktop? A Simple Proxy Server •Demo Time!