Why a website blocked at Roskomnadzor's request "took down" Telegram
Sergey Nikulin, CEO of RDP.RU, on the reasons behind the blocking of many popular Internet resources that Russian users faced at the beginning of June 2017.
Last weekend (June 3-4, 2017), a substantial share of Russian Internet users faced a strange problem: many popular resources, such as the Telegram messenger, Booking.com, Mail.ru, rbc.ru and others, were unexpectedly blocked. Social networks were blocked as well: Odnoklassniki, VKontakte, Facebook. The reason turned out to be simple: the owner of a website blocked by Roskomnadzor had registered the IP addresses of popular resources in DNS under his own domain.
The Internet, like Russia, has two troubles. The first is the abundance of prohibited URLs that Russian law obliges operators to block; the second is the wide use of makeshift URL-filtering methods. For example, filtering by IP address, which is not really URL filtering at all, is very popular among telecom operators.
Instead of deeply analyzing the traffic passing through (DPI), extracting URLs from it and blocking the relevant requests and responses, the operator takes a simpler path: it determines the IP addresses at which the blocked resources are currently hosted and indiscriminately blocks all traffic to them. It was for subscribers of such providers that Odnoklassniki "went down" on Saturday and Sunday.
The root of the problem is that the law requires operators to "block Internet resources and also separate information on Internet resources". This allows an ambiguous interpretation of which Internet resource has to be blocked (strictly speaking, a resource is not only a web server), and it says nothing at all about what "block" means or how it should be done.
From the explanations of the Ministry of Telecom and Mass Communications and Roskomnadzor it is known that this means blocking URLs, but again the method of blocking is not clear and is left to the provider's discretion. Guided by logic and common sense, one can conclude that since the task is URL filtering, and the URL lives at the application layer of the ISO/OSI model, the only correct method of URL filtering is DPI (Deep Packet Inspection). However, the legislation contains no precise recommendation to do exactly that, and the desire to save money pushes providers toward "crooked schemes" for solving this problem.
The result is as follows: the owner of the blocked website binds the IP addresses of popular resources to his domain name on the DNS server. The provider's filtering software queries DNS for the blocked resource, receives these IP addresses and blocks them, which is exactly what happened.
Thus, the owner of any prohibited resource can enter whatever he wants in DNS and "take down" any well-known website. What will happen to him for this? Under the law, nothing! Any owner of a DNS server can use it for its intended purpose without any claims from supervisory authorities. So industry specialists predict that this "entertainment" will become popular and a daily occurrence.
Of course, everything depends on the provider. Those who continue to use makeshift filtering programs will step on this rake daily. Owners of high-quality URL filters are not at risk. If the device recognizes the contents of traffic, it will never "take down" the same Telegram merely because the owner of a blocked domain added its IP address to DNS.
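The difference between the two filtering approaches described above, as an added example that is not part of the original article or of any vendor's product. All host names and addresses are constructed (`.example` names, documentation IP ranges), the flows model plaintext HTTP where the URL is visible to the filter, and `collateral` is a hypothetical operator-side check that goes slightly beyond the text.

```python
from urllib.parse import urlsplit

# Constructed registry entry: one URL the operator is obliged to block.
BLOCKED_URLS = {"http://blocked.example/banned-page"}

# Constructed DNS data. The zone of blocked.example is controlled by its owner,
# who added an A record pointing at an unrelated popular service's address.
DNS_ANSWERS = {
    "blocked.example": ["203.0.113.10", "198.51.100.7"],
    "messenger.example": ["198.51.100.7"],
}

# Constructed subscriber traffic, as a DPI device would see it.
FLOWS = [
    {"dst_ip": "203.0.113.10", "host": "blocked.example", "path": "/banned-page"},
    {"dst_ip": "198.51.100.7", "host": "messenger.example", "path": "/api"},
]

def build_ip_blocklist(blocked_urls, dns):
    """Makeshift approach: resolve each blocked host, block every address returned."""
    ips = set()
    for url in blocked_urls:
        ips.update(dns.get(urlsplit(url).hostname, []))
    return ips

def ip_filter_blocks(flow, ip_blocklist):
    """The decision looks only at the destination address."""
    return flow["dst_ip"] in ip_blocklist

def url_filter_blocks(flow, blocked_urls):
    """The decision looks at the URL rebuilt from the request itself."""
    return f"http://{flow['host']}{flow['path']}" in blocked_urls

def collateral(ip_blocklist, dns, blocked_urls):
    """Hosts absent from the registry whose addresses ended up on the IP blocklist."""
    listed = {urlsplit(u).hostname for u in blocked_urls}
    return sorted(h for h, addrs in dns.items()
                  if h not in listed and ip_blocklist & set(addrs))

def compare():
    """Return (host, blocked_by_ip_filter, blocked_by_url_filter) for each flow."""
    bl = build_ip_blocklist(BLOCKED_URLS, DNS_ANSWERS)
    return [(f["host"], ip_filter_blocks(f, bl), url_filter_blocks(f, BLOCKED_URLS))
            for f in FLOWS]

if __name__ == "__main__":
    for row in compare():
        print(row)
    print("collateral:", collateral(
        build_ip_blocklist(BLOCKED_URLS, DNS_ANSWERS), DNS_ANSWERS, BLOCKED_URLS))
```

Both filters stop the request to the registry URL, but only the IP-based one also cuts off the unrelated service whose address was placed in the blocked domain's DNS records.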
There is only one conclusion: the only means of fighting such sabotage is URL filtering that is based, banal as it sounds, on finding and analyzing URLs rather than IP addresses or other indirect signs. This cannot be done without DPI. Ideally, this should be fixed in legislation, since the lack of clarity on this question has already caused serious difficulties for providers and their users.
This leads to one more problem for operators, whose business "grows" today and is not too profitable as it is: the need for an upgrade. However, the missing solutions that provide deep traffic filtering can be not only purchased outright but also rented.
Upgrading without capital investment is the main reason why more and more companies today prefer the rental model. The equipment is provided without collateral, guarantees or paperwork, which favourably distinguishes rental from leasing and credit. What does the operator get? He immediately and completely solves all problems with URL filtering, AS Auditor and Roskomnadzor. So he forgets about fines and is protected in advance from the above-mentioned actions of owners of blocked resources.
After that, the freed-up resources can be calmly put to use: sell the obsolete equipment, spend the saved budget. With a competent approach, the operator can very quickly learn to offset the monthly rental payments by introducing flexible tariff plans.
If requirements grow, the operator does not spend money on an upgrade, but amends the rental agreement and receives a more powerful device as a replacement. Notably, after three years of rental, the device passes into the operator's ownership.
Sergey Nikulin, CEO of RDP.RU