[ooni-dev] Available for collaboration - neumon.org

balooni at espiv.net balooni at espiv.net
Tue May 5 14:19:29 UTC 2015 

Hi Clodo,

Thank you for your interest in OONI.

Clodo wrote:

> I'm the creator of the no-profit service http://www.neumon.org .
> It's a project similar to OONI, but focused only on DNS and HTTP.

Do you have the code published somewhere?

> NeuMon browse collected DNS servers, and check if can be queried (open
> and recursive). This because most of DNS ISP are recursive only from
> it's customers subnet.
> We maintain a huge list of domains to check (mix of known blocked
> website, top alexa, etc).
> Every DNS it's queried for each domains, we collect results, compare
> against a known good value and discover custom injection (generally
> that point to blocking page, i published some
> example here: http://tinyurl.com/pl8znb4 ).
> 
> So, i have:
> - - a huge list of DNS servers, with country geolocation.
> - - lists of domains blocked, country-based. Not exaustive.
> - - i know many IP address that are destination of DNS redirection,
> typically IP of servers that show html blocking pages. And DNS servers
> of ISP that redirect to these addresses.

It was quite difficult to find out and interpret the results from
[1] could you maybe provide some pointers?
 
> An example of data i know:
> # dig www.sex.com @203.146.237.237 +short
> answer: http://203.146.43.133/
> i know hundred of domains that redirect to the same answer.
> 
> I never made public my results. Because i never know anyone interested
> in that data, only about the lists of domains censored. But i never
> publish it because contains child pornography domains.

How did you find out about these domains and why do you think that they
contain CP?

In any case it would be very interesting to see these results or
of the ones that can be made public.

> We also build a probe software, to allow other activists connected to
> the ISP directly to launch it and detect censorship not based on DNS.

It will be very interesting to instruct the probe software submit
results to an ooni backend [2]. In any case the probe software can
maybe even written as an ooniprobe test [3].

> But nobody want to run a software that fetch also child pornography
> domains, so nobody want to run our probe.

I don't think that is all about CP only.
Right now there are so many blacklists and censored websites worldwide
and as far as I know people are interested in finding out of what
resources are being blocked. Many of these started blocking
gambling related websites and later added a bunch of other
websites hence opening the door for censorship and blocking of other
websites at will [4], [5].

[1] http://www.neumon.org/country/
[2] https://github.com/TheTorProject/ooni-backend
[3] https://ooni.torproject.org/docs/writing_tests.html
[4] https://edri.org/increased-level-of-online-censorship-in-italy/
[5]
https://lists.torproject.org/pipermail/ooni-dev/2015-January/000220.html


Cheers
~anadahz

More information about the ooni-dev mailing list