Chinese firewalls generated serious flaws

Computer experts at Cambridge University have said they have broken the protection structure of the Chinese national firewall, and figured out how to use the firewall itself to carry out DoS attacks.

Picture 1 of Chinese firewalls generated serious flaws According to experts, the firewall uses Cisco's router to block certain keywords, mainly sex and reactionary ideological words.

The Cambridge team tested the firewall by transmitting packets containing "sensitive. They discovered that it was possible to bypass the firewall's intrusion detection mechanism if ignore (ignore) the packet re-establish (reset) the transmission control protocol (TCP) required to be inserted by the router Normally, this reset mechanism will force the end points to terminate the connection if a violation is detected .

" Currently the control system in China allows data packets to enter and exit, but sends back the reset to close the connection if they discover certain keywords ," explains Richard Clayton, head of research. Save the computer of the Cambridge University. " If you ignore all of these reset packages at the connection terminals, the blocked site is still accessible normally ."

According to Clayton, this means that Chinese firewalls can be used to trigger denial-of-service (DoS) attacks on certain locations within the country, including the main website. covered.

If an attacker identifies the computer that Chinese government offices use, they can block access to the Windows Update feature, or prevent Chinese embassies abroad from accessing the website. domestic.

According to Clayton's calculations, a single attacker could use dial-up connections to cause very "effective" DoS attack effects. The team's findings have been reported to the Chinese government's Emergency Computer Response Team (CERT) to find remedies.