Orange Jordania blocks My.Kali magazine using deep packet inspection
The website My.Kali has been blocked for more than a year using DNS tampering. A few months ago we released a report documenting this technique and how to bypass it. Starting the 15th August 2018, the operator Orange Jordania is blocking the website using deep packet inspection. Orange Jordan is a Jordanian public mobile telephone […]
DNS tampering in Vietnam
Internet blocking of site luatkhoa.org in Vietnam The following report present our findings of the current Internet blocking of the site luatkhoa.org inside Vietnam. Methodology During late May 2018, we conducted tests in ten different autonomous systems inside Vietnam, and over more than hundred different name servers. Results The main mechanism to block the website […]
Corruption, Censorship and a Deep Packet Inspection Vendor
Summary In 2015, the Azerbaijani government purchased specialized security equipment to be used to monitor and block social media during the Baku 2015 European Games. As a result of a major corruption scandal in Azerbaijan that involved high-rank government officials and business men with close ties to the government, we could see the ties between […]
Internet blocking in Jordan
INTRODUCTION My.Kali is one of the first LGBTQIA-inclusive webzines in the Middle East and North Africa. The magazine was established in 2007 by a group of passionate students with various interests ranging from design to arts and politics. My.Kali strives to address homophobia and transphobia and to empower the youth to defy mainstream gender binaries in the Arab […]
Tracking Mobile Spyware during the Telegram blocking in Iran(Part I)
Executive summary Full forensics report: [PDF] During the first of week of January 2018, Qurium received numerous reports from Iran concerning a massive distribution of links promoting the download of fake VPN applications. The fake Android mobile applications were distributed by SMS links, taking advantage of the blocking of Telegram in Iran, to deceive users […]
Blocking Techniques Catalunya
The following document provides more technical details of the mechanisms used to block the websites associated to the support of the referendum of 1-O in Catalunya. The first section (PART I) covers the technical aspects of Movistar blocking. The second part (PART II) of the document shows how Denial of Service Attacks were coordinated from […]
24saat also under blocking in Azerbaijan
June 1, 2017 Starting the 5 May 2017, the website 24saat.org is suffering from Internet blocking inside Azerbaijan. Connections to the website http://www.24saat.org receive injected traffic (RST injection) that tear down the connections. This behavior is not present when requesting the site using HTTPS https://www.24saat.org/ A full report describing how the blocking is taking place […]
Azadliq.info reloaded
Twelve days ago, azadliq.info was blocked inside Azerbaijan using a dedicated hardware inside Delta Telecom that monitors the encrypted connections to https://www.azadliq.info. The technology known as “Deep Packet Inspection” drops any connection that contains the domain azadliq.info. After recording the traffic and understanding how the technology works, we have decided to run the full website […]
Deep Packet Inspection and Internet censorship in Azerbaijan
Active connection teardowns Starting the Monday, 27th of March 2017 at 11.30 AM (UTC), we monitored a sudden drop of visitors to the website azadliq.info coming from inside Azerbaijan. The website receives 70% of the total traffic from inside Azerbaijan and on Monday the traffic suddenly dropped to 30-40%. At the same time one of […]
Technical notes about blocking in Azerbaijan
TECHNICAL NOTES Congestion only applies to Azerbaijan traffic The following graph shows the number of sessions coming from inside Azerbaijan (green) vs outside the country (blue). The TCP retransmissions are only taking place in sessions from inside Azerbaijan (black). Traffic from outside the country (blue) is not affected (red). Traffic inside Azerbaijan A careful […]
