Poisoning the Well: Exploring the Great Firewall's Poisoned DNS Responses

@article{Farnan2016PoisoningTW,
  title={Poisoning the Well: Exploring the Great Firewall's Poisoned DNS Responses},
  author={Oliver Farnan and Alexander Darer and Joss Wright},
  journal={Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society},
  year={2016}
}
  • Oliver Farnan, Alexander Darer, Joss Wright
  • Published 2016
  • Computer Science
  • Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society
  • One of the primary filtering methods that the Great Firewall of China (GFW) relies on is poisoning DNS responses for certain domains. When a DNS request is poisoned by the GFW, multiple DNS responses are received - both legitimate and poisoned responses. While most prior research into the GFW focuses on the poisoned responses, ours also considers the legitimate responses from the DNS servers themselves. We find that even when we ignored the immediate poisoned responses, the cache from the DNS… CONTINUE READING
    18 Citations

    Topics from this paper.

    Analysing Censorship Circumvention with VPNs Via DNS Cache Snooping
    • 1
    • PDF
    K-resolver: Towards Decentralizing Encrypted DNS Resolution
    • 4
    • PDF
    SFDS: A Self-Feedback Detection System for DNS Hijacking Based on Multi-Protocol Cross Validation
    Global Measurement of DNS Manipulation
    • 48
    • PDF
    Assessing the Privacy Benefits of Domain Name Encryption
    • 3
    • PDF
    The web is still small after more than a decade
    • 3
    • PDF
    Methods and Systems for Understanding Large-Scale Internet Threats
    Measuring I2P Censorship at a Global Scale
    • 4
    • Highly Influenced
    • PDF
    Automated Discovery of Internet Censorship by Web Crawling
    • 5
    • PDF

    References

    SHOWING 1-2 OF 2 REFERENCES
    The Great DNS Wall of China
    • 45
    • Highly Influential
    • PDF
    Odd Behaviour on One Node in I root-server, 2010. https://lists.dns-oarc.net/pipermail/dns- operations
    • Odd Behaviour on One Node in I root-server, 2010. https://lists.dns-oarc.net/pipermail/dns- operations
    • 2010