Home
 > Research and Reports > TEC Blog > Saudi Arabian Network Security Provokes Local Considerati...

Saudi Arabian Network Security Provokes Local Considerations

Written By: Laura Taylor
Published On: April 6 2000

<

Event Summary

In The Kingdom of Saudi Arabia, the entire Internet backbone is concealed behind a countrywide firewall that is built on Sun Solaris servers using the freeware proxy server known as Squid. The firewall is located at the King Abdul Aziz University for Science and Technology (KACST). To keep foreign nations from viewing various local Saudi websites, the massive firewall blocks TCP/IP ports 80 and 443 for all connections coming into the county. Ports 40 and 443 are the HTTP and HTTPS ports respectively.

The only way for big Saudi companies to broadcast their websites is through dial-up connections to the U.S., since there is no local means of getting their websites out of the country. In fact, if you go to the following location, you won't see much:

http://www.kacst.edu.sa

Internet security in Saudi Arabia is so intense that any time someone connects to a Saudi chat room, a TCP/IP port scan on the source host is automatically initiated. Inside sources confirm that various government employed security engineers spend a considerable amount of time auditing Saudi chat room users to enforce the countrywide firewall policy. In fact, government imposed security attacks are so prevalent that most Saudi Arabian Internet users simply accept them as a fact of life.

This affluent oil-based-economy is governed by a strong monarchy which did not allow its citizens to access the Internet until early 1998. Local service providers must abide by strict government regulations and must obtain a government issued Internet license.

Considerations

The Saudi's were the last of the Arab states to go on-line and did so with the help of numerous system and network consultants from Germany. Are they behind the times when it comes to technology, or do they simply take more precautions when it comes to network security? Early on, government officials insisted that the launch of the Internet in Saudi Arabia would undergo a careful planning process. In spite of the tight Internet security imposed by the government, Saudi Arabian companies are still able to offer dial-up, webhosting, and e-Commerce services.

Perhaps the Saudi's are over zealous when it comes to system and network security. Or perhaps the United States is downright foolish for allowing such widespread access to our government websites. What would be the impact on U.S. e-Commerce sites if we tightened up access to our government websites and networks? Why do foreign nations need access to our government websites? U.S. Federal Agencies are notorious for being lax on their website and network security and are often the brunt of ridicule on hacker sites such as the Attrition.org and Hackernews.com websites.

What would be the impact of only allowing U.S. companies, and U.S. citizens access to websites ending with the domain classification .gov? Maybe there are valid reasons for leaving our government websites open to the rest of the world. And if there are valid reasons, let's understand them. Traditionally, the U.S. has always had very strong armed forces. But what about our national cyber security? Before exposing the crown jewels of our democracy to untrusted nations, proper due diligence would suggest that we understand the reasons for doing so first. Are our lawmakers in Washington technically savvy enough to protect us from cyber terrorism? These questions require further consideration.

 
comments powered by Disqus

Recent Searches
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Others

©2014 Technology Evaluation Centers Inc. All rights reserved.