China blocked all HTTPS connection abroad for 1 hour in midnight
4 days ago
- #Network Security
- #Great Firewall
- #Internet Censorship
- Anomalous behavior of the Great Firewall of China (GFW) observed between 00:34 and 01:48 (UTC+8) on August 20, 2025, disrupting TCP port 443 connections.
- Unconditional injection of forged TCP RST+ACK packets caused widespread internet disruption between China and the rest of the world.
- Trigger mechanism for RST+ACK injections was asymmetrical, differing for traffic originating inside and outside China.
- Incident was limited to TCP port 443; other common ports like 22, 80, and 8443 were unaffected.
- Analysis suggests the incident was caused by a previously uncatalogued GFW device or a known device in a misconfigured state.
- The event lasted approximately 74 minutes, with no further disruptions observed after 01:48 UTC+8.
- Community contributions were crucial in documenting and analyzing the short-lived incident.