IDG News Service - A networking error has caused computers in Chile and the U.S. to come under the control of the Great Firewall of China, redirecting Facebook, Twitter, and YouTube users to Chinese servers.
Security experts are not sure exactly how this happened, but it appears that at least one ISP recently began fetching high-level DNS (domain name server) information from what's known as a root DNS server, based in China. That server, operated out of China by Swedish service provider Netnod, returned DNS information intended for Chinese users, effectively spreading China's network censorship overseas. China tightly controls access to a number of Web sites, using technology known colloquially as the Great Firewall of China.
The issue was reported Wednesday by Mauricio Ereche, a DNS admin with NIC Chile, who found that an unnamed local ISP reported that DNS queries for sites such as Facebook.com, Twitter.com and YouTube.com -- all of which have been blocked in China -- were being redirected to bogus addresses.
It is unclear how widespread the problem is. Ereche reported getting the bogus information from three network access points in Chile, and one in California, but on Thursday he said that the problem was no longer popping up. "The traces show us that we're not hitting the server in China," he wrote in a discussion group post.
This issue occurred because, for some reason, at least one outside ISP directed DNS requests to a root server based in China, networking experts say. This is something that service providers outside of China should not do because it allows China's censored network to "leak" outside of the country.
Researchers have long known that China has changed DNS routing information to redirect users of censored services to government-run servers instead of sites such as Facebook and Twitter. But this is the first public disclosure that those routes have leaked outside of China, according to Rodney Joffe, a senior technologist with DNS services company Neustar. "All of a sudden, the consequences are that people outside China may be subverted or redirected to servers inside China," he said.
By using a China-based root server, ISPs are essentially giving China a way to control all of their users' traffic over the network. That could mean big security problems for people whose network accepted the leaked routes, Joffe said.
The ISP that used the bad routes probably misconfigured its BGP (Border Gateway Protocol) system, used to route information on the Internet, according to Danny McPherson, chief security officer with Arbor Networks. "I don't think it was done intentionally, " he said. "This is an example of how easy it is for this information to be contaminated or corrupted or leaked out beyond the boundaries of what it was supposed to be."
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!