Part 6, free speech and the internet Flashcards
what is
deep packet inspection
this is the process of examining the header and/or the content of a packet. This may be carried out for various reasons such as security, censorship or to identify malware or spam
what is
prefix hijacking
and how does golden shield use it
this is at a high level the process of inserting fake routes into a routers routing table. Golden shield uses this technique to either send traffic to fake ip addresses or to have traffic analysed by other parts of the golden shield network
- golden shield will use deep packet inspection and examine the packet for 15,000 keywords and phrases deemed objectionable by the chinses government
- if any keyword or phrase is found then golden shield will send reset connection packets to the client. in turn dropping the connection
note
the reset connection packet sent by golden shield to the client will also be impersonating the original servers ip address so that it does not look like the connection was tampered with but instead came fom the server making it seem like a bad connection
in two steps explain how golden shield might decide to
reset a connection
this includes:
- ip blocking
- DNS injection
- resetting connections
- prefix hijacking
what are 4 methods that golden shield employs in order to survey and censor
this is the process of examining the header and/or the content of a packet. This may be carried out for various reasons such as security, censorship or to identify malware or spam
what is
deep packet inspection
what is
golden shield
and what dates was it first implemented and then rolled out across the country
this is a surveillance and censorship system for internet requests in china. It was first implemented in china in 1998 and became universal throughout china in 2008
this is at a high level the process of inserting fake routes into a routers routing table. Golden shield uses this technique to either send traffic to fake ip addresses or to have traffic analysed by other parts of the golden shield network
what is
prefix hijacking
and how does golden shield use it
in 3 steps how does golden shield carry out
DNS injection
it carrys this out in the following steps:
- if the DNS request is outside china the packet is duplicated. with the original then being sent to its original destination while the other is routed to a chinese DNS server
- the chinese DNS server uses deep packet inspection to see if the packet contains a blacklisted URL
- if the URL requested is blacklisted the chinses DNS server sends a fake ip address back to the client
note
because the DNS server is located in china it nearly always completes the DNS request before the DNS server outside china
in two steps explain how golden shield might decide to
reset a connection
- golden shield will use deep packet inspection and examine the packet for 15,000 keywords and phrases deemed objectionable by the chinses government
- if any keyword or phrase is found then golden shield will send reset connection packets to the client. in turn dropping the connection
note
the reset connection packet sent by golden shield to the client will also be impersonating the original servers ip address so that it does not look like the connection was tampered with but instead came fom the server making it seem like a bad connection
it carrys this out in the following steps:
- if the DNS request is outside china the packet is duplicated. with the original then being sent to its original destination while the other is routed to a chinese DNS server
- the chinese DNS server uses deep packet inspection to see if the packet contains a blacklisted URL
- if the URL requested is blacklisted the chinses DNS server sends a fake ip address back to the client
note
because the DNS server is located in china it nearly always completes the DNS request before the DNS server outside china
in 3 steps how does golden shield carry out
DNS injection
how is golden shield intergrated into chinas infrastructure
the system is connected to the routers of all the Internet Service Providers (ISPs) in china meaning that all traffic can be seen by the system
this is a surveillance and censorship system for internet requests in china. It was first implemented in china in 1998 and became universal throughout china in 2008
what is
golden shield
and what dates was it first implemented and then rolled out across the country
what are 4 methods that golden shield employs in order to survey and censor
this includes:
- ip blocking
- DNS injection
- resetting connections
- prefix hijacking
the system is connected to the routers of all the Internet Service Providers (ISPs) in china meaning that all traffic can be seen by the system
how is golden shield intergrated into chinas infrastructure
