wiki:doc/OONI/Tests/DNSInjection

What it detects

  • Detects the presence of a censor that injects forged DNS replies when it sees a query for a blacklisted domain name.

Inputs

  • A list of domain names.
  • A non-existent DNS resolver (such as 8.8.8.1), chosen so that queries to it pass through a DNS injector (such as the Great Firewall of China).

Experiment

  • From inside the censored network (the prober), send DNS queries for the domain names to a non-existent DNS server, so that they pass through the DNS injector (such as the GFW).

Control

  • If, for a domain name, the prober gets a DNS reply, then this domain name is presumed to be injected.
  • Otherwise (the query times out), this domain name is not injected.

Output

  • A list of domain names that are injected (blocked).
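
The experiment and control above, as an added Python example (not OONI's own test code). The function names, the 3-second timeout and the sample domains are assumptions; 8.8.8.1 is the resolver address given under Inputs. Any response carrying the query's ID counts as a reply.

```python
import os
import socket
import struct
import time

def build_query(name, qid):
    """Encode a minimal DNS A/IN query (RFC 1035) with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_reply_to(data, qid):
    """True if data is a DNS response (QR bit set) carrying our query ID."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack("!HH", data[:4])
    return rid == qid and bool(flags & 0x8000)

def probe(name, resolver, port=53, timeout=3.0):
    """Query a resolver that should never answer; a matching reply means injection."""
    qid = int.from_bytes(os.urandom(2), "big")
    deadline = time.monotonic() + timeout
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(build_query(name, qid), (resolver, port))
        while (remaining := deadline - time.monotonic()) > 0:
            sock.settimeout(remaining)
            try:
                data, _ = sock.recvfrom(4096)
            except (socket.timeout, ConnectionError):
                return False  # control case: silence (or ICMP error), not injected
            if is_reply_to(data, qid):
                return True  # nothing real lives at the resolver, so this was forged
    return False

def find_injected(domains, resolver="8.8.8.1", port=53, timeout=3.0):
    """Return the subset of domains for which a reply was observed (the Output)."""
    return [d for d in domains if probe(d, resolver, port, timeout)]

if __name__ == "__main__":
    # Constructed sample input list; replace with the real list of domain names.
    print(find_injected(["example.com", "example.org"]))
```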

Notes

This is the kind of censorship that is happening in China, as illustrated in this paper: http://conferences.sigcomm.org/sigcomm/2012/paper/ccr-paper266.pdf

Last modified on Dec 12, 2012, 9:28:47 PM