Blocking specific sites within certain countries.

Valdis.Kletnieks at Valdis.Kletnieks at
Thu Nov 14 23:01:26 UTC 2002

On Thu, 14 Nov 2002 17:26:21 EST, "Patrick W. Gilmore" <patrick at>  said:

> Not if you block the domain name from resolving at the 
> caching name server, only if you block the IP address to which is resolves 
> on your routers.  (Which in many cases will be an Akamai server inside your 
> network - if not, just ask. :) deleted)

So tell me again how you're going to filter  And how you're
not going to piss off the OTHER sites on that server? (Yes, I know that the
virtualized hostname is down in the (rest deleted) part of the URL - is that
what you want to try to filter in a firewall? Especially when the name could
(and probably will) be % encoded or whatever?

Or are we simply assuming that all terrorists are dumb enough to not know
how to use a proxy? (Remember that we *are* worried they're smart enough to
use strong crypto...)
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list