Firewall Wizards mailing list archives
d.o.s. on firewalls
From: "Hugh Merwin" <hmerwin () earthlink net>
Date: Wed, 28 Mar 2001 21:14:24 -0500
Hi. I posted this to the C-punks NYC list Monday night. Elyn Wollensky kindly referred me to this list. I am inquiring about the accuracy of the following idea (this is the original message):

"I'm working on a paper about methods of defying all around censorship and blocked IPs in countries where the Internet is tightly controlled (like Belarus, Burma, China, North Korea, Sudan, Syria, Tajikistan, Tibet, Tunisia). Two major trends: 1) there are always nebulous reports of IP- and URL-based blocking, like arrays of firewalls, and laws mandating blocks of certain pages for local admins, and 2) censorship almost always deals exclusively with content (political and social), although its broader and duller edge extends to most in a general lack of connectivity (economic).

I was reading about web bugs today. If somebody started a chain letter directed to recipients in one of the aforementioned countries about a mundane subject like pets' names or aphorisms about marriage, and included an HTML tag that instructed the email program to retrieve an image file from one of the blocked sites, the request would be deflected, right? Okay. What if there were five chain letters, each with a tag corresponding to a different blocked site? With a low percentage of forwards, and a low percentage of total openings of the message, there could still be a substantial number of requests for the image file. Combined with the chances that the forwards, HTML tag included ("send this to ten people. tell each of them to send this to ten people..."), will go to recipients behind the same firewall, this could result in a substantial amount of failed requests to retrieve the image. As pyramids are pyramids, this could be anywhere between 0 and billions of requests over time. However, given the fact that email usage is more coveted than browsing, and grows at a much faster rate, I see that this could have some effect.

A massive and unintentional series of requests for this file would definitely skew statistics, and possibly allow some to "hide in plain sight," as it were. I imagine a legitimate, unblocked connection to the site would not stand out in traffic analysis in the midst of all of this.

Larger question: Can a firewall be taken out this way? Much potential abuse in this technique (improving hit stats, etc.). Could this be used to increase the flow of information for such places? It's notoriously difficult to trace the lineage of a chain letter. I do believe, however, if successful, this would likely be treated as an act of aggression on the part of the blocked sites. Of course, in my feeble technological understanding, one really would need their permission. And the logic of engineering and the logic of usage are two different things. I'm just a cook, so I don't really know what would happen in this situation. Any guesses?"

Further, if permission is not necessary of the blocked sites' administrators (the chain letter's originator looks for a readily available GIF in the blocked site's source), then if this was initiated by a third party, nobody could really be clearly blamed. I know this is naive. (For instance, the Chinese government sentenced the engineer Lin Hai to 2 years in jail in 1999, for merely trading email lists that were used down the line to distribute Dacankao, a dissident publication.)

Further, in an instance where the blocked sites' admins are collaborating (e.g. a coalition of human rights sites), would it be possible for themselves not to suffer a DoS, if the firewalls were taken down under fire, because of bottlenecks?

Further, can anyone recommend a good source on this particular aspect of firewall administration? This is a massive void for a lot of researchers and human rights activists. Movements have proceeded around it with assumptions.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards