Re: [fw-wiz] Blocking Google Talk


"Mike Powell" <mikep@xxxxxxxxxxx> wrote:

To me, this says
that someone...

"Someone?"

...planned for Google Talk to work around blocking, even if
XMPP on port 5222 was filtered. I call that deliberate subversion (and
it means that google lied on their google talk faq page about how the
client works).
[snip]

You can't just block
all communications to talk.google.com, because the addresses that
talk.google.com points to are the same addresses that www.google.com
points to. If you block talk.google.com by IP, you will also block
www.google.com.
[snip]

A suspicious individual might believe that Google did this all on
purpose. A suspicious person might believe that Google, knowing their
search engine is immensely popular, figured network policy
administrators wouldn't be able to take the heat for blocking Google's
web services entirely, "just" to stop the use of Google Talk.

That would probably be too paranoid and cynical, right? It's probably
just a typical case of sacrificing network security on the alter of
end-user convenience, right?

For some of us, however, Google might prove to be wrong in whatever
their thinking--or lack thereof. Unfortunately, probably not enough of
us to persuade operations like Google, etc. not to pull such stunts.

Jim
--
Note: My mail server employs *very* aggressive anti-spam
filtering. If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.linxnet.com/scform.php>.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards