dslreports logo
site
spacer

spacer
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


view:
topics flat nest 
Comments on news posted 2014-03-31 16:29:39: As we've been discussing, the Turkish government has been attempting to block numerous social media websites; both to paint these services as negative outside influences that erode family values (read: political brownie points) but to stifle discussi.. ..



PhoenixDown
FIOS is Awesome
Premium
join:2003-06-08
Fresh Meadows, NY
kudos:1

1 recommendation

That's why the US should cede control of the Internet to the UN...

... or perhaps not.



Ano

@comcast.net

Doesn't that go against the rules for being allowed to have IP's?

I am too lazy to go read into it more but doesn't part of ISP's being provided public addresses from ARIN, which are required to get online, is them agreeing to only use addresses to which they are authorized/assigned to?

The only way they could intercept Google DNS request (because they are IP specific) is if they are spoofing or actually assigning the Google DNS server IP's on the ISP network for other devices, which would thus violate ARIN (or whatever version of Arin in said countries).

Otherwise ISP's would just have a mess etc.

It's funny. The web should be open and free.
If people don't like what they see don't look at it.
Next countries and government will restrict how much air we are allowed to have in a day...

The internet is always going to exist and continue to grow, as you can tell you can try but you can't stop people going around it. The only way to do that is remove any connections to the rest of the world, at which point, you are no longer the internet but basically a big Intranet.

I hope the people of the country use OpenDNS with DNSCrypt or other providers that support DNSCrypt. They can't just intercept that because certificate/keys are used not to mention it's encrypted. hah

»dnscrypt.org/


whiteyonenh

join:2004-08-09
Keene, NH

2 edits

said by Ano :

...The only way they could intercept Google DNS request (because they are IP specific) is if they are spoofing or actually assigning the Google DNS server IP's on the ISP network for other devices, which would thus violate ARIN (or whatever version of Arin in said countries).

Not necessarily, just about any linux-based router can do this with dnsmasq, intercepting Port 53 on UDP is trivial to do, and many public wifi hotspots already do this. The fact that it's being used by Turkish ISP's/government for censorship, is also not surprising.

Edit: The part about dnscrypt, *may* work, as long as they haven't explicitly blocked any/all known publicly available dnscrypt servers.

Edit2: If you think you're safe on public wifi because you're "using https", you'd be wrong »www.thoughtcrime.org/software/sslstrip/ (Always, ALWAYS VPN WHEN POSSIBLE, to an endpoint that YOU or SOMEONE YOU TRUST controls, or don't use public wifi.)


battleop

join:2005-09-28
00000

The ISP can pretty much pull anything off they want with ease using the same methods a hacker would except they would not have to break in to anything to do it. They could easily bring up their own DNS servers and announce 8.8.8.0/24 into their routing table and point. 8.8.8.8 to that DNS server they control.

There are dozens of ways to implement this. When you control the network you easily do what you want.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.



battleop

join:2005-09-28
00000
reply to Ano

The internet is rather fragile when it comes to this kind of stuff. I've not suffered this on my network but I know that's something like a rouge BGP announcement can cause a lot of collateral damage.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.


MaynardKrebs
Heave Steve, for the good of the country
Premium
join:2009-06-17
kudos:4

1 recommendation

Google should drop Turkey in retaliation


Just wipe Turkey off the internet search map..... hotels, businesses, airlines, exporters......


openbox9
Premium
join:2004-01-26
Germany
kudos:2

1 recommendation

Do no evil? Two wrongs does not make a right.


Chubbysumo

join:2009-12-01
Superior, WI

no, but three rights make a left!


kaila

join:2000-10-11
Lincolnshire, IL

Let them try.....

The internet was created to route around damage. As much as they try, those bits are going to find a way in/out.



NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:11
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to battleop

Re: Doesn't that go against the rules for being allowed to have IP's?

said by battleop:

I know that's something like a rouge BGP announcement can cause a lot of collateral damage.

The best way to control a rouge BGP announcement is to write the operator a blanc cheque!
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum


pclover

join:2008-08-02
Santa Cruz, CA
reply to battleop

A rouge BGP announcement shouldn't happen but it does.

Look at the YouTube BGP incident in 2008.

Your peers should have proper filters that filter bad stuff out such as advertising a prefix that you doesnt own.



pclover

join:2008-08-02
Santa Cruz, CA

1 recommendation

reply to Ano

FWIW ARIN is the RIR for North America.

AFIK Turkey falls under RIPE NCC



Anonymous_
Anonymous
Premium
join:2004-06-21
127.0.0.1
kudos:2
Reviews:
·Time Warner Cable

1 recommendation

reply to Ano

said by Ano :

I am too lazy to go read into it more but doesn't part of ISP's being provided public addresses from ARIN, which are required to get online, is them agreeing to only use addresses to which they are authorized/assigned to?

The only way they could intercept Google DNS request (because they are IP specific) is if they are spoofing or actually assigning the Google DNS server IP's on the ISP network for other devices, which would thus violate ARIN (or whatever version of Arin in said countries).

Otherwise ISP's would just have a mess etc.

It's funny. The web should be open and free.
If people don't like what they see don't look at it.
Next countries and government will restrict how much air we are allowed to have in a day...

The internet is always going to exist and continue to grow, as you can tell you can try but you can't stop people going around it. The only way to do that is remove any connections to the rest of the world, at which point, you are no longer the internet but basically a big Intranet.

I hope the people of the country use OpenDNS with DNSCrypt or other providers that support DNSCrypt. They can't just intercept that because certificate/keys are used not to mention it's encrypted. hah

»dnscrypt.org/

yes we should just ban countries from the internet that overly censor it and send them back to the stone age
--
Live Free or Die Hard...


battleop

join:2005-09-28
00000
reply to pclover

It seems that once you get outside of the 1st world networks proper filtering seems to be overrated.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.