[KLUG Members] Sinister Web Sites

[Adam Tauno Williams]

>This might be a good place to start a discussion of filters for firewall
>machines??  Who uses what and how it works?

Filters work by simply constructing lists of "bad" sites,  or even worse, using
regular expressions to block all URL's containing strings such as "sex", "porn",
etc....

Filtering is a fools errand.

Is http://234.86.2.11 a porn site?  How about if that IP virtually hosts many
org's pages?  Some may be porn some not.  What if I fetch the page via some
cacheing network such as Akamai?  Do I block all corresponding Akamai URLs as
well as "native" URL's?  What if you block a site I don't have a problem with? 
(Some religious groups are blocked as "hate speech").  If I'm a porn site
operator and find my URL has been put on a list, what do I do?  Spend the ~$20
to get another domain name,  toss that one in redirects and pop-up adds all over
the Internet.  Round and round we go.

If your concerned, setup a squid proxy.  Set your firewall so that use of the
proxy is the only way out to the internet.  This records where everyone goes. 
Post the list for everyone to see.  Peer pressure.

Firewalls are not the same (at all) as filters.  Filters are deployed on some
kind of proxy (be it local or remote) that processes HTTP requests.  Firewalls
parse socket level connections in some manner (reject, deny, rewrite, forward,
etc...) based upon connection/packet criteria.

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW
Grand Rapids, MI. 49505