Blocking specific sites within certain countries.
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Thu Nov 14 23:01:26 UTC 2002
On Thu, 14 Nov 2002 17:26:21 EST, "Patrick W. Gilmore" <patrick at ianai.net> said:
> Not if you block the domain name terrorist.com from resolving at the
> caching name server, only if you block the IP address to which is resolves
> on your routers. (Which in many cases will be an Akamai server inside your
> network - if not, just ask. :)
http://a1016.g.akamai.net/f/1016/606/1d/(rest deleted)
So tell me again how you're going to filter a1016.g.akamai.net? And how you're
not going to piss off the OTHER sites on that server? (Yes, I know that the
virtualized hostname is down in the (rest deleted) part of the URL - is that
what you want to try to filter in a firewall? Especially when the name could
(and probably will) be % encoded or whatever?
Or are we simply assuming that all terrorists are dumb enough to not know
how to use a proxy? (Remember that we *are* worried they're smart enough to
use strong crypto...)
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20021114/6c6f2686/attachment.sig>
More information about the NANOG
mailing list