Re: [squid-users] RE: Numeric IP, in-addr issues

From: <ocl@dont-contact.us>
Date: Fri, 07 May 2004 22:58:51 +0300

Prash wrote on 2004-05-07 22:25:

Prash,

The reason we block numeric IPs is not because we are out to
block a whole block or anything.

On the contrary, what we are doing is simply to protect us
and/or the user.

Here is how [and remeber, this is a corporate setting]

We are required/audited that

1) we do not knowingly allow any potentially unethical behavior
of our employees etc.

2) we proactively try not to let anyone bring in any unlicensed
software or such.

3) we do our best to prevent any spyware, work etc entering our
network through careless user behavior.

Legally and ethically we are liable. That is why we block
anything that falls within these categories of squidGuard.

   -- porn
   -- drugs
   -- gambling
   -- violence
   -- warez

The reason I am for blocking numeric IPs is that usually they
end up in one of those sites in the above categories (though
there are of course exceptions).

Now, I can almost hear some of you guys that what we are doing
is draconian and against personal freedom.

I agree, but I am not talking about a public ISP, this is a
commercial entity which is liable for the actions of its personnel.

And, if you are one of the orifces in that entity, the IT dept,
that is vulnerable in this context, you simply need to reduce the
risks --given that you can not eliminate it.

What I need is something that explains all this better than I do :-)

Cheers,
Jim

> Surely I can't do a whois lookup (altho i haven't tried) if my service
> provider gives me just an IP but no dns entry?
>
> I'm thinking if the trend started (blocking IPs), there must've been a good
> reason. It is blocked even in my org.
>
> Cheers,
> Prash
>
> -----Original Message-----
> From: news [mailto:news@sea.gmane.org]On Behalf Of Adam Aube
> Sent: 07 May 2004 19:50
> To: squid-users@squid-cache.org
> Subject: [squid-users] RE: Numeric IP, in-addr issues
>
>
> Prash wrote:
>
>
>>don't know about the docs mate but if a website does not have a dns entry
>>then you won't be able to "whois" and find out who runs that website or
>>even the contact address.
>
>
> You can do WHOIS lookups on IP addresses. This will give you the
> organization responsible for that address, and you can contact them.
>
> Adam
>
>
Received on Fri May 07 2004 - 13:55:07 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT