How The Great Firewall Of China Caused A DDOS Attack In France

from the global-village dept

Many people outside China know about the country's Great Firewall, but probably assume it will have little, if any, impact on their own online activities. However, a fascinating post on Benjamin Sonntag's blog explains how one of the servers of La Quadrature du Net, the Paris-based digital freedom association he co-founded, and for which his company provides free hosting, was hit by distributed denial of service attacks (DDOS) caused directly by the Great Firewall's policies.

His blog post provides all the technical details: it turned out that the vast majority of the attacks were coming from Chinese IP addresses. Here's what seems to have happened: China is censoring its Internet, that's well known



to do this, this country censors (among others) DNS [Domain Name System] queries in its network (and also censoring as a side effect, the rare Japanese, Korean or Taiwanese queries going through China)



when it answers a DNS query to a censored website, it answers with "any incorrect IP address" instead. That is, instead of letting Chinese Net users access "forbidden" content, the Great Firewall generally re-directs them to some random, presumably harmless, site. But that wasn't happening here: we see spikes of requests to websites censored in China coming to IP addresses such as those of La Quadrature du Net. Other people had this same issue : http://furbo.org/2015/01/22/fear-china/



So, the end story is that we just saw censored websites requests coming to La Quadrature du Net's IP address from China, due to how the Chinese Internet censorship is working! Rather than pushing limited traffic to lots of sites, the Great Firewall was sending lots of traffic to just a few. Among the possible explanations for this new behavior, Sonntag offers two that are equally worrying: Maybe one of the system administrator of the great firewall of China is gaining some small and quick money selling DDOS, selling Internet attacks to the highest bidder (in bitcoin? ;) ) and using that censorship system as a weapon



Maybe China chose a precise list of targets to send censored traffic to, adding to this technical "useful" process (the censorship) a "nice" one (putting down foreign opponents' websites)... La Quadrature du Net, as a digital freedom association, seems to be too nice a target (among others of course). Neither is good news for sites in the West. Whatever the real reason for this DDOS attack on La Quadrature, it certainly shows that the operation of the Great Firewall of China can have very direct effects outside that country. Another reason, perhaps, for those in the West to pay closer attention to China's increasingly harsh approach to online censorship.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: china, ddos, france, great firewall

Companies: la quadrature du net