Roskomnadzor accidentally blocked the "stub" of providers
IT expert Mikhail Klimarev said that Roskomnadzor had blocked the “plugs” of at least three Internet providers.
A stub is a page that the provider points to or redirects to the subscriber instead of a blocked site. It indicates the reason for blocking. Some providers place ads for their services there.
On the morning of February 28, Roskomnadzor added the following records to the upload (given to providers to the list of addresses and domains to be blocked)
This address is the stub of the St. Petersburg provider InterZet (in 2014, it was absorbed by the provider Dom.ru). The note to the entry specifies the decision to block Telegram, on the basis of which access to many third-party proxy servers is unlawfully restricted on a daily basis.
')
Over the past weeks, Roskomnadzor has noticeably increased the speed at which proxy servers are detected (users report that the proxy raised by them is often blocked in just a few hours). According to the owner of the TgVPN service, Vladislav Zdolnikov, this has been achieved in two ways:
This is accompanied either by the lack of verification of blocked addresses, or by superficial verification. Apparently, the owner of one of the blocked proxy jokes for the sake of indicated in the A-record the address of the provider stubs.
In 2017, the RKN was already attacking the exact same rake (and before that the theoretical possibility of an attack was widely discussed for several years). In 2018, according to the same scheme , the provider Transtelecom “flew in” .
After these attacks, Roskomnadzor reported that providers had been instructed not to resolve the blocked domains. Now we see that the supervisor does not follow its own recommendations.
It is reported that Dom.ru and MTS (another affected provider) were forced to completely disable content filtering. A few hours later the victims were unlocked .
A stub is a page that the provider points to or redirects to the subscriber instead of a blocked site. It indicates the reason for blocking. Some providers place ads for their services there.
On the morning of February 28, Roskomnadzor added the following records to the upload (given to providers to the list of addresses and domains to be blocked)
<ip ts="2019-02-28T11:13:00+03:00">5.3.3.17</ip> This address is the stub of the St. Petersburg provider InterZet (in 2014, it was absorbed by the provider Dom.ru). The note to the entry specifies the decision to block Telegram, on the basis of which access to many third-party proxy servers is unlawfully restricted on a daily basis.
')
Over the past weeks, Roskomnadzor has noticeably increased the speed at which proxy servers are detected (users report that the proxy raised by them is often blocked in just a few hours). According to the owner of the TgVPN service, Vladislav Zdolnikov, this has been achieved in two ways:
- The ILV dumps a trunk of some operator for SOCKS and MTProto traffic without additional obfuscation.
- For blocking proxies that are resolved to different IP addresses from different geographic locations, the “Auditor” hardware and software complex installed at each provider in Russia is used (which in itself is inappropriate use, since “Auditor” is intended only to control the execution of locks providers).
This is accompanied either by the lack of verification of blocked addresses, or by superficial verification. Apparently, the owner of one of the blocked proxy jokes for the sake of indicated in the A-record the address of the provider stubs.
In 2017, the RKN was already attacking the exact same rake (and before that the theoretical possibility of an attack was widely discussed for several years). In 2018, according to the same scheme , the provider Transtelecom “flew in” .
After these attacks, Roskomnadzor reported that providers had been instructed not to resolve the blocked domains. Now we see that the supervisor does not follow its own recommendations.
It is reported that Dom.ru and MTS (another affected provider) were forced to completely disable content filtering. A few hours later the victims were unlocked .
Source: https://habr.com/ru/post/442142/
All Articles