Re: russian prefixes

[Christopher Morrow <morrowc.lists () gmail com>]

On Fri, Jul 30, 2021 at 10:57 AM Christopher Morrow <morrowc.lists () gmail com>
wrote:

> On Thu, Jul 29, 2021 at 9:07 PM Denys Fedoryshchenko <
> nuclearcat () nuclearcat com> wrote:
>
> > On 2021-07-29 20:46, Randy Bush wrote:
> > > > Looks like it did shown on news only.
> > >
> > > :)
> > >
> > > i wondered
> > They have installed devices called "TSPU" on major operators.
> > Isolation of specific networks is done without changing BGP
> > announcements, obviously.
>
> Denys, can you say anything about how these TSPU operate?

Denys is, I'm sure, 'lmgtfy'ing me right now but:

https://therecord.media/academics-russia-deployed-new-technology-to-throttle-twitters-traffic/

https://en.wikipedia.org/wiki/Internet_censorship_in_Russia#Deep_packet_inspection

seems to be the system/device in question.


> I believe they at least swallow/stop TCP SYN packets toward some
> destinations
> (or across a link generally), but I'm curious as to what steps the devices
> take,
> to be able to judge impact seen as either: "broken gear" or "funky TPSU
> doing it's thing"
>
> thanks!
> -chris
>
>
> > And the drills do not mean at all "we will turn off the Internet for all
> > the clients and see what happens", journalists trivialized it.
> > Most likely, they checked the autonomous functioning of specific
> > infrastructurally important networks connected to the Internet,
> > isolating only them.
> > It's not so bad idea in general, if someone find another significant bug
> > in common software, to be able to isolate important networks from the
> > internet at the click of a button and buy time for patching systems.