| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTin65s5=bWDMiQJmFJQ3ck6arD4361MYi94ud6dK@mail.gmail.com> Date: Mon, 21 Mar 2011 13:52:22 -0400 From: Alien Chatter <feedalienscoffee@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Gmail and China's GFW Gmail can be blocked by simply blocking Google's SSL certificate(s). When you visit Gmail, Google sends your browser its SSL Server Certificate. Without this certificate, no connection can be made. For example, running the following command, then browsing to <https://mail.google.com/>, will produce the following output: $ sudo ngrep -d eth0 -x 'Google Inc' ... 47 6f 6f 67 6c 65 20 49 6e 63 31 18 30 16 06 03 Google Inc1.0... 55 04 03 14 0f 6d 61 69 6c 2e 67 6f 6f 67 6c 65 U....mail.google 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 .com0..0...*.H.. ... This output shows part of Google's ASN.1 encoded X.509 certificate. Therefore, the following Linux firewall commands will stop any connection to Gmail: $ sudo iptables -I INPUT -m string --algo bm --hex-string '|476f6f676c6520496e63311830160603550403140f6d61696c2e676f6f676c652e636f6d30819f30|' -j DROP Try it, you will get a connection timeout: $ curl --connect-timeout 60 https://mail.google.com/ curl: (28) SSL connection timeout The same applies for Twitter, Facebook... Much more efficient than DNS/IP blocking! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists