Thursday: Internet outage eastern Europe Iran and Turkey

• Previous message (by thread): Thursday: Internet outage eastern Europe Iran and Turkey
• Next message (by thread): javascript just to email the admins :(
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--- morrowc.lists at gmail.com wrote:
From: Christopher Morrow <morrowc.lists at gmail.com>
On Sat, Dec 21, 2019 at 11:53 PM Scott Weeks <surfer at mauigateway.com> wrote:

> --- morrowc.lists at gmail.com wrote:
> From: Christopher Morrow <morrowc.lists at gmail.com>
>
> I do think the overall conversation about nation states
> disabling internet (which is not likely the case with
> Sean's original post?) is nanog-worthy.
> --------------------------------------
>
> Yes, I believe you're correct for the most part.  I just
> was more interested in the technical parts and there is
> a global audience here that may have insight as to how
> that part of the network is working.  I can easily see
> how that would get out of control.  But, how are they
> configuring their network elements to block is my
> question.  (DPI? BGP? etc.)

ah! ok... I imagine there are a few knobs for each sort of thing that
can get turned. I think we've seen over the years at least:
  1) turkey blocking access to 8.8.8.8
       (looked like mostly done with static /32's?)

  2) egypt turning off internet for the country
     (prior to overthrow? - I believe 'phone calls to providers' was
renesys's conclusion)
     https://dyn.com/blog/egypt-leaves-the-internet/
    this article points at tunisia and iran as well.

  3) pktelecom bgp routery making youtube less cat and more pain.
       https://dyn.com › blog › pakistan-hijacks-youtube-1

  4) prc firewall - forms of mostly DPI packet skullduggery
       blocking random http (really tcp traffic), specific DNS RRs,
disrupting/blocking various VPN technologies

I'd say it probably depends a bunch on whom is doing the poking, for
how long they plan
to make this work/not-work and the tools they have immediately available :(

Figuring more of this out seems like a good plan though... I'm not
sure trying to
actively subvert any of these nation state actions is particularly
smart/healthy though :(
  (note: i don't think YOU/scott are looking for this last part, but
generally speaking...
   it seems like folk put themselves in a bad place if/when they
attempt to get around
   a nationstate's actions, particularly from inside that nationstate)
-------------------------------------------------------


Thanks, I have left this on the list for now.  I can go off list 
if necessary.

That's good information.  Does Dyn put this out regularly or just 
for certain events?  I knew about 1-3, but how do folks find out 
about 4?

:: Figuring more of this out seems like a good plan though...

What I would like to find out is something like "the XXXcountry
part of the network is unreachable via BGP/DNS/at all (firewall 
drops)" or something like that.  It would be interesting to see 
how the different blocks are technically implemented and how that 
changes over time.

And, no, I'm not looking to subvert those things.  I live in the 
US where they do everything sneakily (ATT closet in SF still 
going?) but I wonder why microwave over the border or satellite 
isn't used.  Then ad-hoc jumped through the country.  I guess the 
getting killed or jailed if you get caught thing is why?

I dunno, it is just an interesting thing to me.

scott

• Previous message (by thread): Thursday: Internet outage eastern Europe Iran and Turkey
• Next message (by thread): javascript just to email the admins :(
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]