Orange Jordania blocks My.Kali magazine using deep packet inspection

August 29, 2018

The website My.Kali has been blocked for more than a year using DNS tampering. A few months ago we released a report documenting this technique and how to bypass it. Starting the 15th August 2018, the operator Orange Jordania is blocking the website using deep packet inspection.

Orange Jordan is a Jordanian public mobile telephone network operator, and is the operator of the mobile communications license granted to Jordan Telecom. The company is 60% owned by Jordan’s government and the rest of the shares are owned by JITCO Investment Group, a holding company consisting of France Télécom (88%) and Arab Bank (12%).

The newly deployed filtering technology is based on deep packet inspection and sits in the network to monitor the traffic “inline”. The equipment is monitoring the encrypted SSL traffic and once the requested domain is sent by the client “Hello Client”, no further traffic reaches the server side. No active traffic is sent to tear down the connections (RSTs), the packets are silently discarded keeping the client (browser) retrying the connection until timesout.

We are currently trying to identify the hardware vendor that is blocking the LGBT alternative magazine in Jordania. Readers affected by the blocking can always reach the website in the dynamic mirror here: