Educause Security Discussion mailing list archives
Re: China blocking DNS servers
From: Pete Hoffswell <Pete.Hoffswell () DAVENPORT EDU>
Date: Tue, 6 Jan 2004 15:16:27 -0500
The report is now about a year old. In August 2003 it looks like it got slashdotted. At the time, the real-time reporter may or may not have been working very well to begin with. http://slashdot.org/articles/02/08/31/0557256.shtml?tid=153 I have an associate that manages connectivity to a factory in China via vpn, with a split tunnel. He has no complaints of blocked sites. I wonder if they have a different ruleset for foreign companies doing business out there. It would be interested to know if anyone else knows of a real-time filter-checker for china, or other countries, for that matter. My googlinig has not been productive. Cheers! - pete Pete Hoffswell 616-732-1101 (Grand Rapids, x1101) University LAN/WAN Coordinator 616-510-1198 (Mobile) IT Services pete.hoffswell () davenport edu Davenport University http://www.davenport.edu -=-=- Check out DU WiFi services - http://www.davenport.edu/du/currentstudents/wifi -=-=-
liudvikas.bukys () ROCHESTER EDU 01/06/04 08:58AM >>>
My university and a number of others are apparently having some DNS server traffic blocked by some Chinese ISPs. There is an excellent summary of the situation at: <http://cyber.law.harvard.edu/filtering/china/> (this includes a real-time test interface that unfortunately, at the moment, seems to classify all results as "indeterminate") and there are related recent articles at: <http://www.mail-archive.com/ip () v2 listbox com/msg00290.html> <http://www.politechbot.com/pipermail/politech/2003-November/000212.html> It was noticed here because there were some complaints from potential Chinese applicants, followed by a remarkably low number of Chinese applicants on a particular deadline. For any of our institutions seeking Chinese applicants, this is a business-critical outage. For the workgroups: * One technical countermeasure is to beef up secondary DNS servers, particularly with high-volume DNS services (Akamai or UltraDNS?) that may be less likely to be blocked. Has anyone looked into this angle? * (Short-term measures could include migrating DNS servers to unblocked IP addresses -- an annoying and messy shell game.) * Are the EDUCAUSE .edu operators aware of this issue? Any recommendations from them? (How does one contact them?) ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- China blocking DNS servers Liudvikas Bukys (Jan 06)
- <Possible follow-ups>
- Re: China blocking DNS servers Pete Hoffswell (Jan 06)
- Re: China blocking DNS servers Clyde Hoadley (Jan 06)
- Re: China blocking DNS servers H. Morrow Long (Jan 06)
- Re: China blocking DNS servers Joe St Sauver (Jan 06)