Ignoring the Great Firewall of China. Clayton, R., Murdoch, S. J., & Watson, R. N. M. In Danezis, G. & Golle, P., editors, Privacy Enhancing Technologies, of Lecture Notes in Computer Science, pages 20–35. Springer Berlin Heidelberg, January, 2006. ![Ignoring the Great Firewall of China [link]](https://bibbase.org/img/filetypes/link.svg "link")
Paper abstract bibtex The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall’s resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.
@incollection{clayton_ignoring_2006,
series = {Lecture {Notes} in {Computer} {Science}},
title = {Ignoring the {Great} {Firewall} of {China}},
copyright = {©2006 Springer-Verlag Berlin Heidelberg},
isbn = {978-3-540-68790-0, 978-3-540-68793-1},
url = {http://link.springer.com/chapter/10.1007/11957454_2},
abstract = {The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall’s resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.},
language = {en},
number = {4258},
urldate = {2014-11-15},
booktitle = {Privacy {Enhancing} {Technologies}},
publisher = {Springer Berlin Heidelberg},
author = {Clayton, Richard and Murdoch, Steven J. and Watson, Robert N. M.},
editor = {Danezis, George and Golle, Philippe},
month = jan,
year = {2006},
keywords = {Computer Communication Networks, Computers and Society, Data Encryption, Information Storage and Retrieval, Management of Computing and Information Systems, Systems and Data Security},
pages = {20--35},
}
Downloads: 0
{"_id":"q8pL7Qb4Siq89ddjL","bibbaseid":"clayton-murdoch-watson-ignoringthegreatfirewallofchina-2006","downloads":0,"creationDate":"2018-07-03T04:50:28.388Z","title":"Ignoring the Great Firewall of China","author_short":["Clayton, R.","Murdoch, S. J.","Watson, R. N. M."],"year":2006,"bibtype":"incollection","biburl":"https://bibbase.org/zotero/jabel","bibdata":{"bibtype":"incollection","type":"incollection","series":"Lecture Notes in Computer Science","title":"Ignoring the Great Firewall of China","copyright":"©2006 Springer-Verlag Berlin Heidelberg","isbn":"978-3-540-68790-0, 978-3-540-68793-1","url":"http://link.springer.com/chapter/10.1007/11957454_2","abstract":"The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall’s resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.","language":"en","number":"4258","urldate":"2014-11-15","booktitle":"Privacy Enhancing Technologies","publisher":"Springer Berlin Heidelberg","author":[{"propositions":[],"lastnames":["Clayton"],"firstnames":["Richard"],"suffixes":[]},{"propositions":[],"lastnames":["Murdoch"],"firstnames":["Steven","J."],"suffixes":[]},{"propositions":[],"lastnames":["Watson"],"firstnames":["Robert","N.","M."],"suffixes":[]}],"editor":[{"propositions":[],"lastnames":["Danezis"],"firstnames":["George"],"suffixes":[]},{"propositions":[],"lastnames":["Golle"],"firstnames":["Philippe"],"suffixes":[]}],"month":"January","year":"2006","keywords":"Computer Communication Networks, Computers and Society, Data Encryption, Information Storage and Retrieval, Management of Computing and Information Systems, Systems and Data Security","pages":"20–35","bibtex":"@incollection{clayton_ignoring_2006,\n\tseries = {Lecture {Notes} in {Computer} {Science}},\n\ttitle = {Ignoring the {Great} {Firewall} of {China}},\n\tcopyright = {©2006 Springer-Verlag Berlin Heidelberg},\n\tisbn = {978-3-540-68790-0, 978-3-540-68793-1},\n\turl = {http://link.springer.com/chapter/10.1007/11957454_2},\n\tabstract = {The so-called “Great Firewall of China” operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection, which then close. However, because the original packets are passed through the firewall unscathed, if the endpoints completely ignore the firewall’s resets, then the connection will proceed unhindered. Once one connection has been blocked, the firewall makes further easy-to-evade attempts to block further connections from the same machine. This latter behaviour can be leveraged into a denial-of-service attack on third-party machines.},\n\tlanguage = {en},\n\tnumber = {4258},\n\turldate = {2014-11-15},\n\tbooktitle = {Privacy {Enhancing} {Technologies}},\n\tpublisher = {Springer Berlin Heidelberg},\n\tauthor = {Clayton, Richard and Murdoch, Steven J. and Watson, Robert N. M.},\n\teditor = {Danezis, George and Golle, Philippe},\n\tmonth = jan,\n\tyear = {2006},\n\tkeywords = {Computer Communication Networks, Computers and Society, Data Encryption, Information Storage and Retrieval, Management of Computing and Information Systems, Systems and Data Security},\n\tpages = {20--35},\n}\n\n","author_short":["Clayton, R.","Murdoch, S. J.","Watson, R. N. M."],"editor_short":["Danezis, G.","Golle, P."],"key":"clayton_ignoring_2006","id":"clayton_ignoring_2006","bibbaseid":"clayton-murdoch-watson-ignoringthegreatfirewallofchina-2006","role":"author","urls":{"Paper":"http://link.springer.com/chapter/10.1007/11957454_2"},"keyword":["Computer Communication Networks","Computers and Society","Data Encryption","Information Storage and Retrieval","Management of Computing and Information Systems","Systems and Data Security"],"metadata":{"authorlinks":{}},"html":""},"search_terms":["ignoring","great","firewall","china","clayton","murdoch","watson"],"keywords":["computer communication networks","computers and society","data encryption","information storage and retrieval","management of computing and information systems","systems and data security"],"authorIDs":[],"dataSources":["FWsPTwsmjtrBtRS3B","sWFw7a3qEGqRuCokd"]}