3 Oct 2011
Within the last few weeks, there have been reports that Iran has been blocking Tor, an online anonymizing tool, and PPTP and L2TP VPN protocols and most recently an Iranian general said that the Islamic Republic was ready to “reciprocate a cyber attack” by the US or its allies.
On September 14, 2011, the Tor Project reported on its blog:
Yesterday morning (in our timezones — that evening, in Iran), Iran added a filter rule to their border routers that recognized Tor traffic and blocked it. Thanks to help from a variety of friends around the world, we quickly discovered how they were blocking it and released a new version of Tor that isn’t blocked. Fortunately, the fix is on the relay side: that means once enough relays and bridges upgrade, the many tens of thousands of Tor users in Iran will resume being able to reach the Tor network, without needing to change their software.
How did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor’s SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.
According to Tor’s own figures, an average of about 30,000 Iranians inside of Iran are using the online tool to circumvent Iran’s filters and online surveillance system, and also to hide their tracks online.
More recently, the government has recently also been cracking down on the use of VPNs.
“All countries have their own specific rules for using Internet,” he added.
Finally, Iran has been stepping up its language in response to the Stuxnet attack, which hit Iran’s nuclear program over a year ago.
“Iran will reciprocate [any] cyber attack by the United States or its allies,” said Brigadier-General Ali Shadmani, head of the Operations Department of the Iranian Armed Forces, in a statement to the press last week.
These new policies are very consistent with Iran’s previous behavior of saying that it would be countering American Internet freedom policies and would be stepping up graduate-level cyberdefense programs.