GFW now can censor Internet connections based on keyword patterns in the Host
field of the HTTP request header, so that even if an IP is accessible overHTTP
it still can be blocked if the request header contains blacklisted keywords.
For example, 192.0.82.250 is one IP address for http://en.wordpress.com/, which
has long been censored by GFW. Ping this IP over HTTP w/o Host name specified
gives success results, but only returns failure w Host name specified, as shown
in the attached screenshot.
This hack is formerly restrained to explicit HTTP, but recent observations have
found filtering of encrypted HTTPS CONNECT attempts with Host names specified
in headers. This is found with a dozen Google server IPs in the Asia-Pacific
region, and even more with s3.amazonaws.com IPs. HTTPS CONNECT to the IPs w/o
Host name is all right, but goes into blackhole w Host name provided.
Gogo-tester should include a custom request header for the user to test if
connection to the IP address over ports 80 and 443 with the customized host
name specified is successful, or this tool would soon be senseless since host
name based censoring is easy to deploy.
Original issue reported on code.google.com by neilbr...@outlook.com on 9 Nov 2014 at 10:02
Original issue reported on code.google.com by
neilbr...@outlook.comon 9 Nov 2014 at 10:02Attachments: