On Thu, 14 Nov 2002 17:26:21 EST, "Patrick W. Gilmore" <[EMAIL PROTECTED]>  said:

> Not if you block the domain name terrorist.com from resolving at the 
> caching name server, only if you block the IP address to which is resolves 
> on your routers.  (Which in many cases will be an Akamai server inside your 
> network - if not, just ask. :)

http://a1016.g.akamai.net/f/1016/606/1d/(rest deleted)

So tell me again how you're going to filter a1016.g.akamai.net?  And how you're
not going to piss off the OTHER sites on that server? (Yes, I know that the
virtualized hostname is down in the (rest deleted) part of the URL - is that
what you want to try to filter in a firewall? Especially when the name could
(and probably will) be % encoded or whatever?

Or are we simply assuming that all terrorists are dumb enough to not know
how to use a proxy? (Remember that we *are* worried they're smart enough to
use strong crypto...)
-- 
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

Attachment: msg06694/pgp00000.pgp
Description: PGP signature

Reply via email to