Thread: Virgin media, Pirates Bay and US TV shows
View Single Post
  #24   Report Post  
Posted to uk.d-i-y
John Rumm John Rumm is offline
external usenet poster
  
Posts: 25,191
Default Virgin media, Pirates Bay and US TV shows
On 21/05/2012 19:40, Robin wrote:
Out of interest, I wonder what happens if one creates your own hosts
file entry for a target site, but with a different name, say:

mypbay 194.71.107.15

http://mypbay/browse

That ought not match on a full URL comparison...

OK, I'll display my ignorance and ask how using the hosts file could
work when we have already established that VM are not relying on DNS and
are blocking html traffic from 194.71.107.15?

Well there was the suggestion that the block was done using cleenfeed,
which is supposed to be a little more subtle than a simple IP block.

The way the cleanfeed system works (from what is actually published
about it - so this may of course be completely wrong or missing vital
details) suggests that the ISP's router first compares the result of the
target URLs DNS lookup, with an IP blacklist. If it matches, it does not
use that as a reason alone to filter it then and there, but instead
routes the traffic to a web proxy for closer scrutiny. This can then
block individual items based on their URL. Hence it should be possible
to silently block either a single page of a site, or even a single image
on a page etc without knobbling the whole site.

So if www.asite.com resolves to a IP that is blacklisted, it goes to the
proxy, and there the filter may be set to match say
www.asite.com/images/dodgyimage.jpg but no other pages on the site.
Leaving most of it retrievable, other than that image. Hence requests
for www.asite.com/images/okimage.jpg should still be visible even though
the IP of the site as a whole is flagged as "in need of closer checking".

Based on that analysis, a new DNS entry that points bsite.com at the IP
of asite.com could mean that a request for
www.bsite.com/images/dodgyimage.jpg still triggers the routing via the
proxy, but that the actual URL comparison at the proxy stage would not
see it as the same image. (since there may be a legitimate image with
the same name on the alternate site that it should not block)

(this being similar to the way for example apache running virtual
hosting will use the URL in the GET request to work out which sites
pages to serve when its hosting multiple sites on the same server)

As for empirical evidence, adding to the hosts file in XP "194.71.107.15
mypbay.com" leads straight o the usual VM page about the High Court
order

Using a target of just the root of the site, or a named sub page on it?

e.g. what about: http://thepiratebay.se/promo

(theoretically a non infringing page on the site)

However it could be a fairly crude IP based (or IP address and TCP port
number) block and not anything subtle. (possibly understandable since
the site in question is large enough to need dedicated hosting and not
shared hosting)

--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/
Reply With QuoteReply With Quote