Firewall Wizards mailing list archives
Re: (no subject)
From: Aaron Smith <smitha () byui edu>
Date: Tue, 20 Jun 2006 16:03:49 -0600
On Tue, 2006-06-20 at 13:12 -0500, Frank Knobbe wrote:
On Mon, 2006-06-19 at 22:18 -0400, Paul D. Robertson wrote: But looky here! Today I get: # host talk.google.com talk.google.com is an alias for talk.l.google.com. talk.l.google.com has address 216.239.37.125 talk.google.com is an alias for talk.l.google.com. talk.google.com is an alias for talk.l.google.com. # host www.google.com www.google.com is an alias for www.l.google.com. www.l.google.com has address 64.233.179.99 www.l.google.com has address 64.233.179.104 www.google.com is an alias for www.l.google.com. www.google.com is an alias for www.l.google.com. So it would appear that the initial reports are wrong and the IP addresses are indeed different. Hopefully you are able to block all distributed IP's for talk.google while leaving at least some for www.google unblocked so you can use the search engine.
Not quite--you need to use a better DNS query tool: # dnsq a talk.google.com ns1.google.com ──(Tuesday, June 20)─┘ 1 talk.google.com: 246 bytes, 1+1+6+6 records, response, authoritative, noerror query: 1 talk.google.com answer: talk.google.com 604800 CNAME talk.l.google.com authority: l.google.com 86400 NS a.l.google.com authority: l.google.com 86400 NS b.l.google.com authority: l.google.com 86400 NS c.l.google.com authority: l.google.com 86400 NS d.l.google.com authority: l.google.com 86400 NS e.l.google.com authority: l.google.com 86400 NS g.l.google.com additional: a.l.google.com 86400 A 216.239.53.9 additional: b.l.google.com 86400 A 64.233.179.9 additional: c.l.google.com 86400 A 64.233.161.9 additional: d.l.google.com 86400 A 64.233.183.9 additional: e.l.google.com 86400 A 66.102.11.9 additional: g.l.google.com 86400 A 64.233.167.9 # dnsq a www.google.com ns1.google.com ──(Tuesday, June 20)─┘ 1 www.google.com: 244 bytes, 1+1+6+6 records, response, authoritative, noerror query: 1 www.google.com answer: www.google.com 604800 CNAME www.l.google.com authority: l.google.com 86400 NS a.l.google.com authority: l.google.com 86400 NS b.l.google.com authority: l.google.com 86400 NS c.l.google.com authority: l.google.com 86400 NS d.l.google.com authority: l.google.com 86400 NS e.l.google.com authority: l.google.com 86400 NS g.l.google.com additional: a.l.google.com 86400 A 216.239.53.9 additional: b.l.google.com 86400 A 64.233.179.9 additional: c.l.google.com 86400 A 64.233.161.9 additional: d.l.google.com 86400 A 64.233.183.9 additional: e.l.google.com 86400 A 66.102.11.9 additional: g.l.google.com 86400 A 64.233.167.9
And if that is still not possible, if Google makes it so hard to prevent access to certain services without affecting the search engine, then you can always just not use Google and use another search engine instead. Cheers, Frank
I wouldn't survive the users' reaction to blocking Google's search engine. ________________________________________________________________________ @@ron Smith <smitha () byui edu> Network Operations Brigham Young University Idaho _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- (no subject) Paul D. Robertson (Jun 19)
- Re: (no subject) Devdas Bhagat (Jun 20)
- Re: (no subject) Marcus J. Ranum (Jun 21)
- Re: (no subject) Frank Knobbe (Jun 20)
- Re: (no subject) Aaron Smith (Jun 21)
- Re: (no subject) Coleburn (Jun 22)
- Re: (no subject) Aaron Smith (Jun 21)
- Re: (no subject) Devdas Bhagat (Jun 20)