Great Circle Associates Firewalls
(February 1997)
 


Subject: Re: Pointcast - how to block....
From: "Daniel J Blander - Sr. Systems Engineer for ACS" <Daniel . Blander @ ACSacs . Com>
Date: Tue, 18 Feb 1997 23:03:22 -0800
To: firewalls @ greatcircle . com
Cc: syousif @ arn . net, gary . mills @ experian . com, david @ webster . com, js18262 @ imcnam . sbi . com, darwin_martinez @ ins . com, mstoico @ metlife . com, claudel @ netcom . com, dougmc @ attachmate . com, grs @ claircom . com, jonesmd @ unifiedtech . com, tom @ shadow . syberdesic . com, jhall @ sqi . com, frank_carroll @ usairln . usair . com
In-reply-to: <199702141002 . EAA04570 @ arnet . arn . net>

Due to the 30+ me-too's I received to my message, I have decided to
summarize a bit here to the list, and to get additional feedback.
Please, if you have nit-picks, send them direct to me.  If the comments
are generally useful to the list, then post them there (and to me).
TIA.  

Here are my findings so far.  Please feel free to suggest other methods.
(BUT NO UNSUBSTANTIATED PRODUCT PUSHING PLEASE!! - yes I meant to yell)

My goal was to filter PointCast traffic at the Firewall/Proxy since it was
(is) a bandwidth hog and we needed to limit it.  I also was very
concerned with the security problems that it presents.  In exploring the
request I found that PointCast uses your web proxy (using http) to acquire
and pass its data.  PointCast users point their software at the HTTP Proxy
and get their PointCast feeds (boy does this hog proxy processes!!!)

After examining the proxy requests and PointCast's own site, it became
obvious that simple site blocking would not achieve what I wanted.  On NT
boxes, PointCast encourages server admins to put the PointCast server on
the same box as their web page.  Thus, if you filter by domain name or IP
address alone, you will lose the ability to view the web site (not good
and overly harsh).

It appears that the only way to filter out PointCast traffic is to filter
by actual passed content.  The PointCast requests, as they pass through the
proxy, contain a unique piece of information:

http://some.pointcast.com/FIDO.....

The FIDO statement was on every PointCast site I connected to (LA Times,
CNN....)

I have subsequently tried filtering to this level using Netscape Proxy
server (which I have at my disposal) but have not quite had luck getting
the filters just right to pick it up....

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Daniel Blander 	=8^)	                    
 Sr. Systems Engineer	 Applied Computer Solutions 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Phone: (714) 842.7800		Fax: (714) 842.8299 
 Email: Daniel . Blander @ acsacs . com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
 The Official Applied Computer Solutions Home Page
	     and Tech Tip of the Week:
	       http://www.acsacs.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
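
Added example, not part of the original message and not Netscape Proxy Server configuration: a sketch of the comparison the message describes, host-based blocking versus matching the marker in the requested URL, run over constructed proxy request lines. The hostnames, the request lines and the assumption that the marker sits at the start of the URL path are illustrative.

```python
from urllib.parse import urlsplit, unquote

# Assumption: the marker is the start of the URL path, matching the
# shape quoted in the message (http://<host>/FIDO...).
MARKER = "/FIDO"

def parse_proxy_request(line):
    """Split an absolute-form proxy request line into (method, host, path)."""
    parts = line.split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line: %r" % line)
    method, target, _version = parts
    url = urlsplit(target)
    if url.scheme.lower() != "http" or not url.hostname:
        raise ValueError("not an absolute http URL: %r" % target)
    # Decode percent-escapes once so the comparison sees the same path
    # the origin server would.
    path = unquote(url.path) or "/"
    return method, url.hostname.lower(), path

def block_by_host(line, blocked_hosts):
    """Site blocking: every request to a listed host is refused."""
    _, host, _ = parse_proxy_request(line)
    return host in blocked_hosts

def block_by_content(line, marker=MARKER):
    """Content blocking: only requests whose path starts with the marker."""
    _, _, path = parse_proxy_request(line)
    return path.startswith(marker)

# Constructed sample: one host serves both its web pages and the feed.
SAMPLE = [
    "GET http://news.example.com/index.html HTTP/1.0",
    "GET http://news.example.com/FIDO-1/feed HTTP/1.0",
    "GET http://news.example.com/%46IDO-1/feed HTTP/1.0",
    "GET http://other.example.org/docs/FIDO.txt HTTP/1.0",
]

def compare(lines, blocked_hosts):
    """Return (host_decision, content_decision) for each request line."""
    return [(block_by_host(l, blocked_hosts), block_by_content(l))
            for l in lines]

if __name__ == "__main__":
    results = compare(SAMPLE, {"news.example.com"})
    for line, (by_host, by_content) in zip(SAMPLE, results):
        print("host=%-5s content=%-5s %s" % (
            "BLOCK" if by_host else "allow",
            "BLOCK" if by_content else "allow", line))
```

The first sample line is the over-blocking case from the message: the host rule refuses the ordinary web page, while the path rule lets it through and still stops the feed requests.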


