A very comprehensive review of tools and technology for Internet filtering is outlined by Murdoch and Anderson (2008) and ranges from technical filtering to domain deregistration and denial-of- service attacks. In addition, they also briefly discuss surveillance and non-technical censorship methods. Murdoch and Anderson (2008) articulate the following filtering mechanisms:
- TCP/IP header filtering: With this method, the censor’s router can inspect the Internet Protocol [IP] address and port number of the destination. If the destination is found to be on a blacklist, the connection is dropped or redirected to a page indicating that access to the destination is denied.
- TCP/IP content filtering: This is a similar method to header filtering except that the censor’s router inspects the packet contents for any patterns or keywords that may be blacklisted. The focus is not on content, but rather on where packets are going to or coming from.
- Domain Name Server (DNS) Tampering: Normally, domain name servers are accessed by user computers to retrieve the corresponding IP address of a given domain. Through domain name server tampering, domain name resolution could fail as the router could send back an erroneous response that does not contain the right IP address, hence the connection fails.
- Hyper Text Transfer Protocol (HTTP) Proxy Filtering: In some cases, users are forced to use HTTP proxies that are assigned for accessing the Internet. Those proxies may be the only way to reach the Internet and hence they can monitor all traffic that goes through them. Such a method is more powerful than TCP/IP header and DNS filtering.
- Hybrid TCP/IP and HTTP Proxy filtering: Because using HTTP Proxy Filtering is often demanding, a solution was devised to use only HTTP Proxy filtering for a list of IP addresses known to have prohibited content. If any of those IP addresses is accessed, traffic is redirected to a transparent HTTP proxy, which inspects the transferred stream and filters any banned content.
- Denial-of-Service (DoS) attacks: Denial-of-service attacks can be launched on the host server. Such attacks are usually done by having a large number of computers requesting service from a particular server and hence, overwhelming it with too much traffic which causes the server and its connection to stall.
- Server takedown: Through legal, extra-legal or pressure methods, a company hosting a specific server could take it down and disconnect it from the Internet. The owner of the server may be able to transfer the server’s contents, however – provided that a backup copy exists – to another hosting company within hours.
- Surveillance: Constant technical monitoring through logging transfers between the host and the Internet user. If banned content is found in the transferred stream, actions – legal or extra-legal – could be taken against the user, the host or both. Such acts could trigger a sense of fear, causing the host to refrain from publishing such content and causing the user to hesitate from accessing it.
- Social techniques: This includes the requirement to show photo identification (ID) before using public computers at libraries or Internet cafés; social or religious norms that force Internet users to avoid opening particular content are another form of social censorship. Families that place the computer in the living room to enable monitoring of their children’s use of the Internet is another example of a social technique of censorship.
Installing a VPN system is one of the effective means to surpass country proxies and internet filtering. To learn more, visit www.le-vpn.com.
Use the Internet by Your Own Rules
|Try Le VPN7 days moneyback|