ho to filter hundeds of domains ?

Sten Carlsen stenc at s-carlsen.dk
Fri Aug 31 21:59:52 UTC 2012

Well, I believe the ideal answer is:
This will prevent the policy makers to access the "bad" pages, so this
is what we do to make them content.

If they can not themselves work a way around the wall we erect, they are
happy and that essentially is the target of this whole exercise. (As I
see it).

On 31/08/12 23:20, Kevin Darcy wrote:
> On 8/31/2012 10:42 AM, Oscar Ricardo Silva wrote:
>> On 08/31/2012 08:22 AM, Kevin Darcy wrote:
>>> On 8/31/2012 2:50 AM, sthaug at nethelp.no wrote:
>>>>> Again, it's not about how effective the block is or can be. Unless
>>>>> Italy
>>>>> becomes like China or even worse (but the US had the chance end up
>>>>> almost in the same situation very recently, so this is NOT an
>>>>> Italian-only problem), there is no way to inhibit users from
>>>>> reaching a
>>>>> given resource on the Internet: if the user is motivated enough
>>>>> he/she
>>>>> will circumvent whatever you do, eventually assisted by the
>>>>> counterpart
>>>>> he/she is trying to reach...
>>>> We are in much the same situation in Norway. All the biggest ISPs use
>>>> a list of child porn domains to be blocked, specified by the central
>>>> police authorities. *In principle* implementing this is voluntary for
>>>> the ISPs. In practice there is significant pressure to do so.
>>>> Both the police and the ISPs are fully aware that blocking this at the
>>>> DNS level (the ISP recursive resolvers) won't prevent somebody who is
>>>> determined. But the police (and the government) still want this done.
>>>> I sometimes suspect their view is of the type "We must do something.
>>>> This is something, therefore we must do it."
>>> Nothing is better than paradise.
>>> A ham sandwich is better than nothing.
>>> Therefore, a ham sandwich is better than paradise.
>> And you won't be able to afford that ham sandwich if you've been
>> terminated from your job because you didn't follow the law.  We all
>> have things in our jobs that we don't want to do but we do them
>> anyway.  All the ridiculous suggestions and snarky comments aren't
>> helping the original poster who mentioned these sites were considered
>> illegal and is looking for other ways to do this.
> Doesn't the Eurozone have bigger problems right now, than worrying
> about a few people looking at dirty pictures?
> In any case, what does the OP expect us to say here? "Yeah, here's a
> nifty way to violate the spirit of the whole DNS protocol"? It's one
> thing to acknowledge casually that DNS software can be abused by
> unscrupulous administrators as form of social control, it's quite
> another to ask technical experts to actually give details on how that
> abuse can be carried out; giving aid and comfort to the enemy, as it
> were. The OP should report to his boss that the technical community
> provides absolutely *NO*HELP* in this travesty, and therefore any
> "modifications" to the DNS to try and implement this "blocking" will
> be incredibly time-consuming and prone to breakage in unforeseen ways.
>                 - Kevin
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

Best regards

Sten Carlsen

No improvements come from shouting:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20120831/0b34bb9f/attachment.html>

More information about the bind-users mailing list