How to break the Great Firewall of China

I know too well what the Great Firewall of China does. It blocks web sites containing banned words like “Falun Gong” and resets connections with your email servers if your email message contains similar banned words. Once I’d captured TCP packets with Ethereal and found that TCP reset packets were injected to both the server and client, forcing them to drop the connection.

Computer experts from Cambridge research group have found exactly the same thing. The researchers also found that it was possible to circumvent the Chinese firewall by ignoring the forged TCP resets injected by Chinese Firewalls (Routers). Not only that, but it is also possible to launch denial-of-service attacks against specific IP addresses within China including those of Chinese Government itself.