Re: [fw-wiz] (no subject)
- From: Aaron Smith <smitha@xxxxxxxx>
- Date: Tue, 20 Jun 2006 16:03:49 -0600
On Tue, 2006-06-20 at 13:12 -0500, Frank Knobbe wrote:
On Mon, 2006-06-19 at 22:18 -0400, Paul D. Robertson wrote:
But looky here! Today I get:
# host talk.google.com
talk.google.com is an alias for talk.l.google.com.
talk.l.google.com has address 216.239.37.125
talk.google.com is an alias for talk.l.google.com.
talk.google.com is an alias for talk.l.google.com.
# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 64.233.179.99
www.l.google.com has address 64.233.179.104
www.google.com is an alias for www.l.google.com.
www.google.com is an alias for www.l.google.com.
So it would appear that the initial reports are wrong and the IP
addresses are indeed different. Hopefully you are able to block all
distributed IP's for talk.google while leaving at least some for
www.google unblocked so you can use the search engine.
Not quite--you need to use a better DNS query tool:
# dnsq a talk.google.com ns1.google.com
──(Tuesday, June 20)─┘
1 talk.google.com:
246 bytes, 1+1+6+6 records, response, authoritative, noerror
query: 1 talk.google.com
answer: talk.google.com 604800 CNAME talk.l.google.com
authority: l.google.com 86400 NS a.l.google.com
authority: l.google.com 86400 NS b.l.google.com
authority: l.google.com 86400 NS c.l.google.com
authority: l.google.com 86400 NS d.l.google.com
authority: l.google.com 86400 NS e.l.google.com
authority: l.google.com 86400 NS g.l.google.com
additional: a.l.google.com 86400 A 216.239.53.9
additional: b.l.google.com 86400 A 64.233.179.9
additional: c.l.google.com 86400 A 64.233.161.9
additional: d.l.google.com 86400 A 64.233.183.9
additional: e.l.google.com 86400 A 66.102.11.9
additional: g.l.google.com 86400 A 64.233.167.9
# dnsq a www.google.com ns1.google.com
──(Tuesday, June 20)─┘
1 www.google.com:
244 bytes, 1+1+6+6 records, response, authoritative, noerror
query: 1 www.google.com
answer: www.google.com 604800 CNAME www.l.google.com
authority: l.google.com 86400 NS a.l.google.com
authority: l.google.com 86400 NS b.l.google.com
authority: l.google.com 86400 NS c.l.google.com
authority: l.google.com 86400 NS d.l.google.com
authority: l.google.com 86400 NS e.l.google.com
authority: l.google.com 86400 NS g.l.google.com
additional: a.l.google.com 86400 A 216.239.53.9
additional: b.l.google.com 86400 A 64.233.179.9
additional: c.l.google.com 86400 A 64.233.161.9
additional: d.l.google.com 86400 A 64.233.183.9
additional: e.l.google.com 86400 A 66.102.11.9
additional: g.l.google.com 86400 A 64.233.167.9
And if that is still not possible, if Google makes it so hard to prevent
access to certain services without affecting the search engine, then you
can always just not use Google and use another search engine instead.
Cheers,
Frank
I wouldn't survive the users' reaction to blocking Google's search
engine.
________________________________________________________________________
@@ron Smith <smitha@xxxxxxxx>
Network Operations
Brigham Young University Idaho
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] (no subject)
- From: Coleburn
- Re: [fw-wiz] (no subject)
- References:
- [fw-wiz] (no subject)
- From: Paul D. Robertson
- Re: [fw-wiz] (no subject)
- From: Frank Knobbe
- [fw-wiz] (no subject)
- Prev by Date: Re: [fw-wiz] (no subject)
- Next by Date: Re: [fw-wiz] Blocking Google Talk
- Previous by thread: Re: [fw-wiz] (no subject)
- Next by thread: Re: [fw-wiz] (no subject)
- Index(es):
Relevant Pages
|
