Ignoring the Great Firewall of China

  • Richard Clayton
  • Steven J. Murdoch
  • Robert N. M. Watson
Conference paper

DOI: 10.1007/11957454_2

Volume 4258 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Clayton R., Murdoch S.J., Watson R.N.M. (2006) Ignoring the Great Firewall of China. In: Danezis G., Golle P. (eds) Privacy Enhancing Technologies. PET 2006. Lecture Notes in Computer Science, vol 4258. Springer, Berlin, Heidelberg

Abstract

The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall’s resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Richard Clayton (1)
  • Steven J. Murdoch (1)
  • Robert N. M. Watson (1)
  1. Computer Laboratory, William Gates Building, University of Cambridge, Cambridge, United Kingdom