Despite the Sri Lankan government’s announcement of freeing previously blocked by the Rajapaksa regime and even after the appointment of President’s brother Kumarasinghe Sirisena as the chairman of Sri Lanka Telecom, Colombo Telegraph continues to be blocked.
After the presidential elections of the 8th of January 2015, the Internet blocking that was taking place at the mobile operator Dialog Axiata PLC against the website Colombo Telegraph was released. The site remains under monitoring at the Sri Lanka Telecom network, the largest telecommunication provider in the country.
Sri Lanka Telecom, one country, one voice and one block!
Our research reveals that the blocking is talking place at the servers ns.slt.lk, particularly the server 188.8.131.52, that is actively tampering the name resolution of colombotelegraph.com.
Users requesting access to the domain name colombotelegraph.com that make use of domain name servers depending on Sri Lanka Telecom get a bogus response (127.0.0.1), that makes the site unaccessible.
We have tested this behavior from the following networks inside Sri Lanka Telecom. 184.108.40.206/24, 220.127.116.11/24, 18.104.22.168/24, 22.214.171.124/24 and 126.96.36.199/24. The first four networks correspond to customer’s lease lines and the forth network is a government network hosting websites like “The Public Service Commission” or the “ICT Agency for Sri Lanka”.
Our research confirms that DNS requests in these networks are forwarded to server r1.ns.slt.lk, a domain name server resolver located in the central office of Sri Lanka Telecom at the OTS Bulding in Lotus Road in Colombo.
Our forensic examination also shows evidence that the interception is implemented by a Barracuda* appliance. Barracuda appliances are sold by South Asian Technologies Ltd., the authorized distributor of Barracuda products in Sri Lanka.
Barracuda is an American security firm funded in 2003 by Dean Drako that became lately notoriously known for integrating backdoors in their products.
It is our understanding that the blocking was implemented at the direction of the Telecom Regulatory Commission and/or the Minister. Under the provisions of the Sri Lanka Telecommunications Act, No. 25 of 1991, s. 69, “the Minister may, upon being satisfied of the above matter by Order made either generally and published in the Gazette or specially in writing in respect of any telecommunication service provided in any place in Sri Lanka or in any ship in the territorial waters of Sri Lanka or in any vehicle or aircraft in or over Sri Lanka or the territorial waters thereof.”
In the absence of such lawful order, we contend that the TRCSL has engaged in an act that is ultra vires. Colombo Telegraph request the Sri Lankan government authorities to examine the facts of the case and provide us with (a) a detailed explanation and (b) an assurance that such unlawful acts shall not be repeated.
*Barracuda Appliances with backdoors;
History of Colombo Telegraph blocking
First -December 26, 2011 – We are blocked but we will not be stopped
Second – May 8, 2012 – Colombo Telegraph Blocked Again
Fourth – August 23, 2013 – Colombo Telegraph Blocked, How To Reach Us Now: Sri Lanka Telecom And Mobitel Joins The DPI Club!
October 26, 2012 – Colombo Telegraph Was Hacked
August 9, 2012 – Colombo Telegraph Password Cracking Attempt Blocked
Freedom House Report: Freedom On The Net 2012, Sri Lanka Is A Country At Risk