Chinese Firewall
Results 1 to 8 of 8

Thread: Chinese Firewall

  1. #1
    Member
    Join Date
    Oct 2003
    Posts
    81

    Chinese Firewall

    The recent articles about Companies working with te chinese government to either keep the chinese firewall running or abiding to china's restrictive policies got me thinking.

    Lets say I was to develop a website aimed at Chinese / for the chinese audience. Lets say I hosted the website in the outside world and lets say I wanted that website to present free and true information ( even information the chinese government bans its people from seeing ).

    My question here is to the technically savvy , How would I go about making that website accessible to the chinese audience in a way that it does not get blocked or I can get around the website ?

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    I went to school with several people recently from China (this was 2 years ago). From what I hear, what you propose is essentially impossible. Not even encryption will get your content through, as the Chinese government has other ways of determining the content of your site before deciding to block it.

    It might be possible, but probably not worth the effort, both in terms of time and money.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  3. #3
    Banned
    Join Date
    Jul 2004
    Posts
    297
    You might find this link interesting.
    http://news.com.com/2100-7348_3-6090...0437&subj=news

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Yes, quite interesting.

    Now, try getting your webhost to ignore those reset packets... and aviod the inevitable DoS attack at the same time...

    And I KNOW (secondhand, but still...) they don't filter based on stateless packet content alone. Encrypted pages with certain content get blocked as well.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  5. #5
    Member
    Join Date
    Oct 2003
    Posts
    81
    From what Iv heard technically savvy users are able to use proxies and whatnot to get passed the firewall .

    say i have a website at myname.com , is there anyway using proxies , IP changes etc to offer websites for the majority that would bypass the firewall ?

  6. #6
    Member
    Join Date
    Oct 2003
    Posts
    81
    Sorry to post two posts after the other but having read the article

    http://news.com.com/2100-7348_3-6090...0437&subj=news

    how would one offer a website using this technique ?

  7. #7
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    You would need to be running a webserver that is capable of ignoring reset packets. This would exclude any commercial webhost organization, pretty much requiring you to run your own servers.

    After that, since you are now ignoring reset packets, connections will be left open far longer than they need to be. This can very quickly fill up your hash table of open connections and lead to a denial of service attack. Appropriate measures will need to be taken.

    This is all assuming, of course, that the method outlined in that article is the only method used by the Chinese to filter content. I have heard from trustworthy sources (i.e. networking and computer security students "fresh off the boat" from China) that this is not the case.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  8. #8
    Banned
    Join Date
    Jul 2004
    Posts
    297
    Actually now that I think about it I beleive there is a major flaw with the so called chinnese firewall. How is all that spam containing adult material getting to the outside world from china. China net doesn't seem too effected at all. Mabey it only affects incoming network traffic.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides