[p2p-hackers] Some Clarifications regarding Egypt

Sameh El-Ansary sansary at nileuniversity.edu.eg
Mon Feb 14 08:59:02 EST 2011


Hi, now that the dust has partially settled, I started asking around and
here is some more info that I got.

INTERNET SHUTDOWN
===================

* All the ISPs were disconnected from any outgoing connections except for one. 
   (Noor) which was initially for the voice-to-tweet service before shutting this one as well.

* The network of the biggest ISP TE-DATA  (the government-owned one) in Egypt was totally
   functional inside Egypt.  Actually some people happened to have DSL connections to both,
   started bridging Noor with TE-DATA, and giving the IPs to their friends.

* It seems also that some sysadmins who were employees in companies that had satellite
   connections, while extremely rare, as I said before, started to bridge it as well.

So, with the Internal networking working and bridging to satellite/international dial-up/rare-satellite-links. The P2P ideas described in this thread were definitely possible in the case of Egypt

TWITTER ATTACK (IP or DNS?)
=========================
> Do you think they were blocking at the IP or DNS layer?


* Still did not get any sure information about that.

*Using open DNS and google DNS servers are popular here.  Have not heard from people that this solved the problem. Unless these IPs were spoofed as well.  Therefore, I guess it was IP filtering. On the other hand, I can see that google has provided some IPs for people to work with for twitter and facebook, so may be it was DNS after all.

* Anyway, I wanted to know if it is possible to  collect all/a-lot-of  twitter IPs and I actually did an experiment this morning by doing a DNS queries with 1query/sec rate and found that I can exhaust the round-robin/random range of twitter IPs in approx. 10 mins, my output looked like this and stayed that way for a very long time. 
3 IPs, after 0 sec
6 IPs, after 10 sec
8 IPs, after 38 sec
10 IPs, after 56 sec
12 IPs, after 83 sec
13 IPs, after 99 sec
16 IPs, after 130 sec
19 IPs, after 159 sec
20 IPs, after 190 sec
21 IPs, after 281 sec
22 IPs, after 370 sec
23 IPs, after 387 sec
24 IPs, after 447 sec
25 IPs, after 523 sec
26 IPs, after 553 sec
27 IPs, after 570 sec
28 IPs, after 600 sec

* Repeating the same experiment on facebook.com, I found that I only got 3 unique IPs with random ordering. This means, that IP filtering would be much easier on facebook. Actually they blocked Facebook on/off in Syria recently.

CRITICAL SERVICES
=================
> Also, were there any reports of (say) hospitals, government offices, 
> police stations, or any critical facilities being affected by a sudden 
> loss of internet?  If the answer is "no", then do you think that's because:
> a) They don't use the internet
> b) They didn't complain
> c) They did complain and it wasn't reported
> d) They didn't lose the internet

Interesting question. The stock market was actually working. Do not know
how, and I am not sure if that was during the total blackout. The biggest
complain about Internet shutdown was from Call Centers who were offering
technical support outsourcing and services alike.
Hospitals and police stations are not that techie to start with. Besides,
the police blackout period was much longer than the Internet blackout
period.

DIAL-UP
========
> Ok, so land lines were working continuously throughout?  Even 
> international land lines?

Yes, both land lines and international dialling were possible
Found out that public international dial-up numbers were made available.
http://www.google.com/crisisresponse/egypt.html
That link was and still-is underneath Google's search box, if you are googling from Egypt.

Sameh


On 9,Feb, 2011, at 1:56 AM, David Barrett wrote:

> Sorry for taking so long to reply to this.  This is really fantastic 
> information, thank you.  It's the only detailed on-the-ground 
> information I've really read on the topic.  Some questions inline:
> 
> On 02/06/2011 09:18 AM, Sameh El-Ansary wrote:
>> Dear P2P-Hackers,
>> I- DIFFERENT PHASES
>> ---------------------------------
>> Let me clarify that at different stages, we had different challenges.
>> Phase 1: Only Twitter was blocked.
>> Solution: People started using public proxies.
>> Even VPNs, were a bit too much of an advanced idea for some people.
>> They started disseminating the info through Facebook.
> 
> Do you think they were blocking at the IP or DNS layer?

> 
>> Phase 2: No Internet
>> At this stage, I can not confirm whether routing inside Egypt was still
>> working
>> on or not. All ISPs and Mobile operators were ordered to shut it down.
>> and I am interested to know (as some of you are), how did they do it.
>> But ordering physical powering off of all switches is not unimaginable here.
> 
> By "shut it down" do you mean when people turned on their computers at 
> home, their DSL modems weren't able to connect?  Or did they connect but 
> perhaps DHCP didn't return any response?  Or maybe that they did get a 
> DHCP response but for some reason all packets were blocked?  Or maybe 
> the connection was in fact fine domestically, but everybody was so 
> accustomed to checking international websites that nobody really 
> realized the domestic connections were working fine?
> 
> 
> Also, were there any reports of (say) hospitals, government offices, 
> police stations, or any critical facilities being affected by a sudden 
> loss of internet?  If the answer is "no", then do you think that's because:
> a) They don't use the internet
> b) They didn't complain
> c) They did complain and it wasn't reported
> d) They didn't lose the internet
> 
> 
> 
>> Phase 3: No SMS
>> Just one more censorship level
>> 
>> Phase 4: No Internet & no mobile services.
>> At this point there was nothing working but land-lines. Again, I can not
>> confirm whether routing was working or not. However, if you are using a 3G
>> connection, there was no even GSM signal to start with !!
> 
> Ok, so land lines were working continuously throughout?  Even 
> international land lines?
> 
> 
>> I hope this gives a closer picture to what has been going on in Egypt.
>> I hope I can still communicate and brainstorm with you on the subject,
>> however, I am rarely online now.
>> 
>> Finally, we have no shortage of techies here. We can set up any complex
>> system.
>> Everybody, is volunteering to do something
>> and self-organizing communities are being formed in a speed beyond belief.
>> Needless to say, the things have to be simple enough to be used by
>> non-techie masses.
> 
> This is great; really helpful stuff.  Thanks, and good luck to you!
> 
> -david
> Founder and CEO of Expensify
> Follow us at http://twitter.com/expensify
> _______________________________________________
> p2p-hackers mailing list
> p2p-hackers at lists.zooko.com
> http://lists.zooko.com/mailman/listinfo/p2p-hackers

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.zooko.com/pipermail/p2p-hackers/attachments/20110214/1aca0f1b/attachment.htm 


More information about the p2p-hackers mailing list