Internet shut off switch?

Reports are saying cell phones and Internet connections are off in egypt at the moment. Can a country really shut off its Internet connection?

China, who has placed restrictions on its Internet infrastructure from day 1 (meaning, the whole infrastructure for connecting to the Internet was built with government control in mind) and that develops a lot of its own networking equipment, is unable to really block users. When I’m in China, twitter and facebook are blocked in the hotel and in the office, but not on the blackberry. Most anonymizers work, and some twitter-over-instant messenger bots work as well. Most of the time, I can find the new list of working anonymizers on google, while I’m there – so there’s no special preparation involved. On my last visit I was introduced to a free VPN service that enables unrestricted access to facebook, twitter and other blocked sites, that seems to be quite popular in the country.

Egypt is not as big and certainly not as advanced as China, but is fairly big. As anyone who worked for a large company knows – it’s difficult if not impossible to track all incoming and outgoing connections. We know the DNS servers are refusing to resolve .eg domains – but what if we go into the inner-works. Are some of the IP’s inside Egypt reachable?

One glaring example is the Egyptian stock exchange. Its IP rotates, but at least some connections point to  217.139.183.2, which belongs to the ISP “the Noor group”, in Cairo. Other times it points to 41.222.175.2 that belongs to “Misr Information Services and Trading” in down-town Cairo. Both are clearly reachable and pingable; is every router on the way configured to route communication only to those IPs? Are there other routers, IP’s or servers that are still open for communication? I would imagine that some emergency lines run on IP-based infrastructure that must be kept on; some devices – military ones perhaps – might rely on IP infrastructure. Dial-ups might still exist. Speaking of which: can one dial from Egypt into a modem in Germany?
Also, one has to wonder about internal communication. Blocking the country’s gateways is one thing; but blocking all internal communication is extremely hard to do. If internal communication is available, is there a way to piggyback into those few holes in the dam to get external communication? Taking the egyptse.com example: if the perimeter routers only allow communication to/from the Noor network, can I route my connection through them?

We all know the Internet was designed to be resilient; and forty years after its initial deployment, it’s proving to be very hard to kill, even by those who believe they have their hand on the cut-off switch.

Share
  • http://www.BeyondSecurity.com noam

    From what I read on Egypt and from my experience in China, TOR is nearly impossible to block if you were able to connect at least once.

    In the case of Egypt, all it took was for a few TOR bridges to pop up in their local IP space to allow a lot of people (more than 20,000 from the last count) to be able to access the Internet.

    Of course when they dropped the switch and killed the whole network traffic, TOR didn’t allow them outside access, it did allow them to still have their own Egypt-NET internal network to continue functioning.

  • http://www.whysnatur.com snatur

    Thanks for the post, do you have any other similar related posts?

  • Parham

    Iran probably has the most advanced filtering and blocking system I’ve seen. There is a combination of Iranian-built and brand name dpi solutions working the details. Its getting harder by day to communicate with outside and whenever the government wants, it can block all encrypted connections … really got a kill switch.

    Been to China and it was way easier to establish a tunnel and bypass filtering systems.