Gathering ALL IPs from a single Web Domain?

00PS

What's the best way to gather the multiple IP addresses that, let's say, YouTube.com reserves? Of course I could ping the website and get 208.117.236.69 but I'm sure they hold many other IPs.

I'm blocking it at a Cisco firewall using:
Example:
Code:
object-group network youtube
network-object host 208.117.236.69

access-list VLAN_1_access_out extended deny ip any object-group youtube

I've never done this before, and just kinda had this thrown at me. No CCNA (Not much networking experience, only clients/servers)....maybe one day :D

Thanks in advance.
 
You could try blocking each individual IP address, or just prevent the clients from getting those IPs in the first place. Consider using OpenDNS, which has been mentioned before when it comes to content prevention. Alternatively, you could run a search through WHOIS and block their entire subnet.
 
Using a Windows 2003 DNS server by any chance? If so, it's pretty easy to "block" domains by setting up a DNS forwarder for that domain which points to a non-existent DNS server. Not the most foolproof method, but it does the trick for 99% of users.
 
Manual firewall ACLs are a TERRIBLE way to do this. Places like YouTube have multiple data centers and caching locations. Buy WebSense or something like that. Or at a minimum use like OpenDNS. For the free option do like JBark said and just put a fake DNS domain on the local DNS server.
 
Using a Windows 2003 DNS server by any chance? If so, it's pretty easy to "block" domains by setting up a DNS forwarder for that domain which points to a non-existent DNS server. Not the most foolproof method, but it does the trick for 99% of users.

We are using a Win svr 2k3 environment, and I've thought about doing this, but there are so many sites I'm gonna need to blacklist...it's going to be very tedious. Definitely the poor man's way, but you're absolutely right about being cheap/effective.

Manual firewall ACLs are a TERRIBLE way to do this. Places like YouTube have multiple data centers and caching locations. Buy WebSense or something like that. Or at a minimum use like OpenDNS. For the free option do like JBark said and just put a fake DNS domain on the local DNS server.

Really? I was under the impression that blocking it at a Cisco ASA firewall would be the best bet. Guess it does make sense. I've brought up OpenDNS to my boss and he just changes the subject. Not sure why, maybe it's that he doesn't trust the source or understand the implementation.

Thanks guys for putting me on the right track, blocking them using DNS is surely the way to go for now.
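
Added example, not part of any post in this thread: a Python sketch of what keeping the `object-group` from the first post current would involve, and why a single pinged address goes stale. The function names are hypothetical and the sample answers are constructed (documentation ranges plus the one address quoted in the thread); `resolve_once` is the only part that touches the network.

```python
import ipaddress
import socket

def resolve_once(domain):
    """One live lookup: the A records this resolver returns right now."""
    infos = socket.getaddrinfo(domain, 80, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}

def merge_samples(samples):
    """Union the answers of many lookups, sorted numerically."""
    seen = set()
    for answer in samples:
        seen.update(ipaddress.IPv4Address(a) for a in answer)
    return sorted(seen)

def render_object_group(name, addresses):
    """Emit the object-group in the same form as the snippet in the first post."""
    lines = [f"object-group network {name}"]
    lines += [f"network-object host {a}" for a in addresses]
    return "\n".join(lines)

def stale_report(configured, samples):
    """Compare hosts already in the ACL with what repeated lookups return."""
    current = set(merge_samples(samples))
    have = {ipaddress.IPv4Address(a) for a in configured}
    return {"missing": sorted(current - have), "unused": sorted(have - current)}

# Constructed sample answers, as if the same name were resolved at three
# different times or from three different resolvers.
SAMPLES = [
    {"208.117.236.69"},
    {"192.0.2.10", "192.0.2.11"},
    {"198.51.100.7", "192.0.2.10"},
]

if __name__ == "__main__":
    print(render_object_group("youtube", merge_samples(SAMPLES)))
    report = stale_report(["208.117.236.69"], SAMPLES)
    print("not yet blocked:", [str(a) for a in report["missing"]])
    print("no longer returned:", [str(a) for a in report["unused"]])
```

Every new lookup can add to the "not yet blocked" list, so the ACL is only as complete as the most recent sample, which is the maintenance burden the replies point to when they recommend blocking by name at the DNS layer.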
 