Blocking specific sites within certain countries.

Patrick W. Gilmore patrick at
Fri Nov 15 01:50:36 UTC 2002

-- On Friday, November 15, 2002 12:45 AM +0100
-- hostmaster <hostmaster at> supposedly wrote:

> At 05:28 PM 11/14/2002, Patrick W. Gilmore most definitely admitted:

>> Suppose they just make it a law that each ISP has to block ""
>> in their caching name servers?
> Who is 'they', Patrick ? Suppose Spain introduces that law. Fine, but
> that doesn't mean that other countries have to (or will ever) abide by
> that. Certainly in the U.S. you won't find that many who would support
> even the idea.

This thread was started 'cause the Spanish (?) government wanted to do 
blocking.  So it would stop all the people in Spain.  And I seriously doubt 
they care what the US government or its citizens do outside of Spain.

IOW: You are right, but that's not the point of this thread.

>> Sure, the user could telnet somewhere and find the IP address themselves,
>> but it would stop 99.99% of the lusers out there.
> Thousands of non-Spanish dns servers (not under the Spanish restriction)
> would have cached the propagated url from Akamai. Any Spanish
> user really wanting to see will get it.  To make it a more
> permanent experience the Spanish conquistador should install his own
> winooz 95 dns service (I believe it's free), and peg it to a secondary
> dns outside his beautiful country.

1) I submit over 99% of users would not even know what "dns service" is, 
more or less how to install it, or even that they CAN install it.

2) It is trivial to filter all port 53 and/or redirect all name service 
queries in your network to your name server.

3) We are discussing the government making a law about Internet technology. 
I am impressed they even know what a domain name is, and not surprised at 
all that their suggested "fix" is full holes.

IOW: You are right again, but that's still not the point of this thread. =)

> Bert Fortrie


P.S. This is NANOG, please use ASCII with "quote characters" (e.g. ">") to 
distinguish your text from other's.  Reading your e-mails is a bit 
confusing.  (At least you use Eudora and not Outlook, but still....)

More information about the NANOG mailing list