Cenzic 232 Patent
Paid Advertising
web application security lab

Ignoring the Great Wall of China

I wanted to post again about the great Chinese firewall.  Apparently someone had the same idea that id and I had around ways to get around the filters.  Apparently, according this post on bypassing the Chinese firewall, it uses RST packets when it sees the forbidden content pass over it’s firewalls.  The RST packets are sent in either direction. However, if your firewall is set up to ignore RST packets AND the person in China is also set up to do the same, the text will flow through the firewall indisciminately.

However, this isn’t filter evasion, as the flag will still be there (and theoretically could be much worse because it will continue to send RST flags over and over and over for every request you make with the forbidden content in it).  So, without having someone in China to test this theory, it’s hard to do, but it is believed that it will work.  Interesting theory, anyway.  If anyone has some equipment in China that would like to help us test it, it would be a fun experiment (especially for id, I know).

2 Responses to “Ignoring the Great Wall of China”

  1. ha.ckers.org web application security lab - Archive » How To Access Blocked Websites Says:

    […] There’s some end comments on that page discussing issues with the Chinese firewall, which clearly he doesn’t understand as the Chinese firewall primarily works off of keyword filters and is trivial to evade, and it’s not particularly relevant to the discussion anyway. If you want to evade the chinese firewall use peekabooty, Tor or SSH forward your connection, or simply rot13 everything because it cannot detect even the most simple obfuscation. […]

  2. PB Says:

    I’m able to get past it, I just can’t get good speeds! What’s the deal with this filtering it’s totally frustrating. I’ve tried everything, adding two providers even. They have come out and checked
    my equipment twice and inform me it’s my router. That’s not it, it works fine at 100Mb.

    I called my VPN service http://www.strongvpn.com and with or without their connection it’s slow. At least connected I’ve bypassed the firewall.

    I’m curious to know what speeds others are getting?
    I’m in Shenzhen on China Telecom.