great firewall & great cannon
TRANSCRIPT
The Great Firewall &The Great Cannon
1
Ivan Ortega@ivanortegaalba
Slides:http://es.slideshare.net/IvanOrtega14
1
The Great Firewall
2
China and their censure policy
Until now China has been using its system:
Great Firewalla part of
Golden Shield Project
3
Great Firewall
30.000 - 50.000 police agents involved.
800.000.000 $ invested
8 years
All this to censor the Internet as we know it
4
How do Great Firewall block sites?
5
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
6
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
7
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
3. The Great Firewall analyse the URL to find word forbidden
8
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
3. The Great Firewall analyse the URL to find word forbidden
4. The Great Firewall search text forbidden that is sowed as text plain
9
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
3. The Great Firewall analyse the URL to find word forbidden
4. The Great Firewall search text forbidden that is sowed as text plain
10
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
3. The Great Firewall analyse the URL to find word forbidden
4. The Great Firewall search text forbidden that is sowed as text plain
11
How do Great Firewall block sites?
1. The Great Firewall search in DNS servers if the domain is censored
2. If IP is obtained, Great Firewall search if this IP is saved as blocked
3. The Great Firewall analyse the URL to find word forbidden
4. The Great Firewall search text forbidden that is sowed as text plain
12
Forbidden sites
13
Forbidden sites
14
Alternatives
15
Alternatives
16
What is the Great Cannon?
17
A Great Firewall with a Great Cannon
18
A Great Firewall with a Great Cannon
19
A Great Firewall with a Great Cannon
20
A Great Firewall with a Great Cannon
21
1. China establish IP targets to be attacked.
Mirror & Forbidden sites:
22
2. China ear the traffic from outside of China Network to Baidu
23
3. China reroute a percent of this traffic and inject a malicious JS
24
4. This malicious JS will do request constantly to target server
25
Great Cannon discovered
Great cannon was discovered as result of DDoS on Github repositories when a lot page was allocated as mirror of forbidden sites.
https://www.fayerwayer.com/2015/04/asi-es-como-china-ataco-y-tumbo-github-con-su-gran-canon/ 26
Conclusion
China have a new weapon to censor by force
China goverment don’t recognize this attack and The Great Cannon but all investigation point to this, so all this is a augmented supposition
It’s effective? Now, Chinese people are seeing the same pages attacked
27
Conclusion, bibliography and more to investigate
Citizen Lab investigation: https://citizenlab.org/2015/04/chinas-great-cannon/
GreatFire.org: https://en.greatfire.org/blog/2015/mar/chinese-authorities-compromise-millions-cyberattacks
How the Grand Cannon was discovered: http://arstechnica.com/security/2015/04/ddos-attacks-that-crippled-github-linked-to-great-firewall-of-china/
28
Thank you!Questions?
Ivan Ortega@ivanortegaalba
Slides:http://es.slideshare.net/IvanOrtega14 29