There are actually perfectly valid reasons for not blocking such sites, even if you feel (as I do) that jihadis are the enemies of civilization. Many of these sites are used to transmit data concerning terrorist attacks or for recruitment, etc. Some include forums where supporters can post messages. Its a safe bet to assume that various law enforcement bodies may monitor such sites. If you block them at the DNS level, they will simply move elsewhere. Logically, it will take longer for law enforcement to catch up than it will for the bad guys to start using another domain name. That's a bad thing. So, to answer your original question: yes, it is entirely possible, from a technical point of view*. If you were going to block a web site, using DNS is probably the best way to ensure there is minimal "collateral damage" - blocking via IP address will result in other sites getting blocked due to virtual hosting (using a single IP address for many web sites). However, there are legal, ethical, and law enforcement reasons why such action may not always be wise. Discussing any sort of blocking will always arouse passions. Talking about blocking port 445 to stop an (alleged) worm infestation seems to get people's undergarments in a knot. For good or ill, the Internet was built as an open network and seems to work best that way. That ideal has been transmitted to most of those who currently toil away to keep it running and to improve it. Don't be afraid to keep asking questions, Abhishek. Just remember that the inmates of this particular asylum get testy now and again :) Thanks, Daniel Golding (*There are additional questions on where you should do this blocking. That's an entirely separate can of worms) On 8/18/05 6:38 AM, "Abhishek Verma" <abhishekv.verma@gmail.com> wrote:
coz i assumed that everyone wants to block such sites.
sorry if i hurt some feelings.
apologies, abhishek
On 8/18/05, Randy Bush <randy@psg.com> wrote:
Again, I am not discussing "censoring ideas".
then why did you use emotionally loaded words such as "terrorist?"
randy
-- Daniel Golding Network and Telecommunications Strategies Burton Group