[97327] in North American Network Operators' Group
Re: Network Level Content Blocking (UK)
daemon@ATHENA.MIT.EDU (Sean Donelan)
Thu Jun 7 16:07:01 2007
Date: Thu, 7 Jun 2007 16:05:20 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Iljitsch van Beijnum <iljitsch@muada.com>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <F550C5FB-9CFE-4008-8893-9D05A932C569@muada.com>
Errors-To: owner-nanog@merit.edu
On Thu, 7 Jun 2007, Iljitsch van Beijnum wrote:
>> Its more than null routes, but not much more. The router does a re-route
>> on a list of network/IP address, and then for the protocols the redirector
>> box understands (i.e. pretty much only HTTP) it matches part of the
>> application/URL pattern.
>
> That's a cool way to implement monitoring of traffic towards random parts of
> the internet.
There are much easier, cheaper ways to do that.
And as another person pointed out, the IWF method is not very
surreptitious so the bad guys can tell someone found them and
can improve their methods.
And did I mention the false positive problem of click-fraud and
embedded IMG URLs accessing those sites too. Yes, your computer
may have been recorded accessing a bad site when you read a
spam mail.
