Journal d'investigation en ligne et d'information‑hacking
par bluetouff

#OpSyria S04E02 : The Iron Strike investigation, now open for fun and profit

Greetings, Hackers and Freedom fighters. By the end of the Season 3 of #OpSyria, Telecomix, FHIMT and Reflets published 54Go of Syrian Censorship logs. The Season 4 is called "The Iron Strike", or how to strike the FastIron Cache of the syrian's Net censorship infrastructure.

Greetings, Hackers and Freedom fighters. By the end of the Season 3 of #OpSyria, Telecomix, FHIMT and Reflets published 54Go of Syrian Censorship logs. The Season 4 is called "The Iron Strike", or how to strike the FastIron Cache of the syrian's Net censorship infrastructure.

FastIron Cache is composed of 6 BlueCoat SG400, 4 NetApp and three others machines (ServerIron-S, ServerIron-M and Management : last one might host the management interface of the syrian censorship) probably very recently acquired by the Syrian regime thanks to an italian integrator, AreaSpa (sources here and here).

AreaSpa was not alone. This system includes americans BlueCoat and NetApp hardware providers, Qosmos Deep Packet Inspection software french provider, and Utimaco software german provider. AreaSpa and theses companies sold and set up this system last summer. They cannot tell they did not know that the purpose of it was to track and kill dissidents.

So we pushed our investigation further to localize theses machines. They're in Syria, up and running.

Today, we share it with the world.

Enjoy.

The Target

The Syrian Computer Society is hosting Gov and some Corporate appliances or web applications. This ISP has been created by Bachar El Assad himself. You can find the Facebook SCS page here.

* netname: sy-scs-net * mnt-routes: SCS-NOC * mnt-routes: STEMNT-1 * descr: SCS-NET is an ISP based in Damascus Syria 

BlueCoat devices are up and running

... And we...