[ProgSoc] Internet Filter

James Ducker jducker at it.uts.edu.au
Fri Jan 15 02:54:16 EST 2010


An interesting note on the Great Firewall of China:

Among other things, the firewalls perform some keyword checking on
packet data, and if a blacklisted keyword is found, they transmit TCP
Reset packets to both ends of the connection. If you set up a server
and client to ignore the Reset attack, it works just fine.

[1] http://www.lightbluetouchpaper.org/2006/06/27/ignoring-the-great-firewall-of-china/
[2] http://www.reddit.com/r/programming/comments/aph4r/tcp_resets_how_the_baidublogspotgooglecomblockout/

- James



More information about the Progsoc mailing list