Firewalls: Re: Restricting URL's

Firewalls
(November 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Restricting URL's
From:	gdonl @ gv . ssi1 . com (Don Lewis)
Date:	Wed, 8 Nov 1995 16:09:53 -0800
To:	Mike Culver <mculver @ ncelec . com>, firewalls @ GreatCircle . COM
In-reply-to:	Mike Culver <mculver @ ncelec . com> "Restricting URL's" (Nov 8, 3:06pm)

On Nov 8,  3:06pm, Mike Culver wrote:
} Subject: Restricting URL's
}  Think I hit on such a simple way to restrict URL's that we all looked right
} past it! Yes, I see all the "buts" associated with this approach, but after
} all it's free, simple, and will trip up the average attempt.
} 
} I'm assuming that most users use DNS with name resolution, instead of IP
} addresses.

security through obscurity

} To deny resolution to sex.com, simply add an entry to named.boot for
} bogusns. This directive will tell your DNS that the name server for sex.com
} is bogus, and your DNS will never ask sex.com's DNS anything.

This won't work so well if the name server in question is ns.uu.net or
some other server that serves a lot of zones that you probably still
want to access.

			---  Truck

Follow-Ups:

Re: Restricting URL's
From: Carl Jolley <cjolley @ iac . net>

Indexed By Date	Previous:	Re: fairly recent web server compromise... From: Mark <mark @ lochard . com . au>
Indexed By Date	Next:	[no subject] From: Arman Ali Anwar <aanwar @ iiu . my>
Indexed By Thread	Previous:	Re: Restricting URL's From: Dermot Tynan <dtynan @ fws . ilo . dec . com>
Indexed By Thread	Next:	Re: Restricting URL's From: Carl Jolley <cjolley @ iac . net>