DNSInjection · Wiki · Legacy / Trac · GitLab

Snippets Groups Projects

This is an archived project. Repository and other project resources are read-only.

What it detects

Detects the presence of a censor that injects forged DNS replies when it detects an blacklisted domain name

Inputs

A list of domain names.
A non-existent DNS resolver(such as 8.8.8.1), which should be queried through a DNS injector(such as Great Firewall of China).

Experiment

From inside the censored network(prober), send DNS queries with the domain names to a non-existent DNS servers, going through the DNS injector(such as GFW) .

Control

If, for a domain name, the prober gets a DNS reply, then this domain name is supposed to be injected.
Otherwise ( the query timeout), this domain name is not injected.

Output

A list of domain names injected(blocked).

Notes

This is the kind of censorship that is happening in china as illustrated in this paper: http://conferences.sigcomm.org/sigcomm/2012/paper/ccr-paper266.pdf

Comments

Please register or sign in to add a comment.