Philip Tellis wrote:
Sometime on Jul
20, Amish Mehta assembled some asciibets to say:
1) Make your DNS server host
blogspot.com and
redirect ALL port 53
traffic to it and block
blockedblog.blogspot.com requests.
User can use an alternate DNS server
Well thats why I said redirect port 53.
When port 53 is redirected alternate DNS would not work as user
expects.
3) Just like
ip_conntrack_ftp module which tracks PORT commands,
develope ip_conntrack_http module which tracks HTTP "Host:" header
and blocks the blocked sites.
User can use HTTP/1.0 which does not require the Host: header unless
going through a proxy.
General users do not know how to do all that. There are many other
ways to access sites too. Anonymous proxies (not necessarily running
on port 80), SOCKS and all which is too tough to block.
But most of people do not know all that.
And if one is expert to do that, which means that person is doing
something which is banned by Government and hence illegal so can
get himself arrested.
Amish.