S. Basso (Open Observatory of Network Interference)

We designed DNSCheck, an active network experiment to detect the blocking of DoT/DoH services. We implemented DNSCheck into OONI Probe, the network-interference measurement tool we develop since 2012. We compiled a list of popular DoT/DoH services and ran DNSCheck measurements with help from volunteer OONI Probe users. We present preliminary results from measurements in Kazakhstan (AS48716), Iran (AS197207), and China (AS45090). We tested 123 DoT/DoH services, corresponding to 461 TCP/QUIC endpoints. We found endpoints to fail or succeed consistently. In AS197207 (Iran), 50% of the DoT endpoints seem blocked. Otherwise, we found that more than 80% of the tested endpoints were always reachable. The most frequently blocked services are Cloudflare’s and Google’s. In most cases, attempting to reach blocked endpoints failed with a timeout. We observed timeouts connecting, during, and after the TLS handshake. TLS blocking depends on either the SNI or the destination endpoint.

View More Papers

BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications...

Eunsoo Kim (KAIST), Dongkwan Kim (KAIST), CheolJun Park (KAIST), Insu Yun (KAIST), Yongdae Kim (KAIST)

Read More

Bringing Balance to the Force: Dynamic Analysis of the...

Abdallah Dawoud (CISPA Helmholtz Center for Information Security), Sven Bugiel (CISPA Helmholtz Center for Information Security)

Read More

JMPscare: Introspection for Binary-Only Fuzzing

Dominik Maier, Lukas Seidel (TU Berlin)

Read More

Trust the Crowd: Wireless Witnessing to Detect Attacks on...

Kai Jansen (Ruhr University Bochum), Liang Niu (New York University), Nian Xue (New York University), Ivan Martinovic (University of Oxford), Christina Pöpper (New York University Abu Dhabi)

Read More