[ previous ] [ next ] [ threads ]
 
 From:  "Jewell, Michael" <mjewell at law dot umaryland dot edu>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Cc:  <rbasuki at gdincorporation dot com>
 Subject:  RE: [m0n0wall] How to block a certain website with m0n0wall?
 Date:  Fri, 9 Oct 2009 13:06:23 -0400
The software returns:

69.63.184.142

OrgName:    Facebook, Inc. 
Address:       156 University Ave, 3rd floor
City:          Palo Alto
StateProv:     CA
PostalCode:    94301
Country:       US
Comment:       
RegDate:       2004-08-11
Updated:       2009-01-29

AdminHandle:    OPERA82-ARIN
AdminName:      Operations 
AdminPhone:     +1-650-543-4800
AdminEmail:     ops at facebook dot com

TechHandle:    OPERA82-ARIN
TechName:      Operations 
TechPhone:     +1-650-543-4800
TechEmail:     ops at facebook dot com

# ARIN WHOIS database, last updated 2009-10-08 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
OrgID:      THEFA-3
Address:    156 University Ave, 3rd floor
City:       Palo Alto
StateProv:  CA
PostalCode: 94301
Country:    US

NetRange:   69.63.176.0 - 69.63.191.255 
CIDR:       69.63.176.0/20 
OriginAS:   AS32934
NetName:    TFBNET2
NetHandle:  NET-69-63-176-0-1
Parent:     NET-69-0-0-0-0
NetType:    Direct Assignment
NameServer: DNS04.SF2P.TFBNW.NET
NameServer: DNS05.SF2P.TFBNW.NET
Comment:    Contact abuse at facebook dot com with issues.
RegDate:    2007-02-07
Updated:    2009-03-04

RAbuseHandle: OPERA82-ARIN
RAbuseName:   Operations 
RAbusePhone:  +1-650-543-4800
RAbuseEmail:  ops at facebook dot com 

RNOCHandle: OPERA82-ARIN
RNOCName:   Operations 
RNOCPhone:  +1-650-543-4800
RNOCEmail:  ops at facebook dot com 

RTechHandle: OPERA82-ARIN
RTechName:   Operations 
RTechPhone:  +1-650-543-4800
RTechEmail:  ops at facebook dot com 

OrgTechHandle: OPERA82-ARIN
OrgTechName:   Operations 
OrgTechPhone:  +1-650-543-4800
OrgTechEmail:  ops at facebook dot com

# ARIN WHOIS database, last updated 2009-10-08 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.




-Mike

> -----Original Message-----
> From: Gold Dragon [mailto:golddragoninc at gmail dot com] On Behalf Of GD
> Incorporation
> Sent: Friday, October 09, 2009 11:18 AM
> To: Jewell, Michael; m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] How to block a certain website with m0n0wall?
> Importance: High
> 
> Will it get the complete IP range and CIDR too? The whois.com did not.
> 
> Thanks
> Rendra
> 
> -----Original Message-----
> From: Jewell, Michael [mailto:mjewell at law dot umaryland dot edu]
> Sent: Friday, October 09, 2009 9:05 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Cc: rbasuki at gdincorporation dot com
> Subject: RE: [m0n0wall] How to block a certain website with m0n0wall?
> 
> For under Windows, there are several utilities to get whois data.  I use
> one
> called whoisview.exe,  just do a google search for it...
> 
> -Mike
> 
> 
> > -----Original Message-----
> > From: Gold Dragon [mailto:golddragoninc at gmail dot com] On Behalf Of GD
> > Incorporation
> > Sent: Friday, October 09, 2009 2:31 AM
> > To: 'Lee Sharp'
> > Cc: m0n0wall at lists dot m0n0 dot ch
> > Subject: RE: [m0n0wall] How to block a certain website with m0n0wall?
> > Importance: High
> >
> > By the way Lee
> >
> > How did you get the whois info below? Through whois.com or other
methods?
> >
> > Thanks
> > Rendra
> >
> > -----Original Message-----
> > From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
> > Sent: Friday, October 09, 2009 12:16 PM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: Re: [m0n0wall] How to block a certain website with m0n0wall?
> >
> > GD Incorporation wrote:
> > > Dear Lee
> > >
> > > I did like what you wrote below. I went to whois.com and find info
> > > on facebook.com domain and found that they used 4 dns servers. I was
> > > thinking to block the DNS servers thinking that all access that goes
> > > through that server will be rejected. But you are right if the DNS
> > > Servers are hosted to important business oriented servers such as
> > > GoDaddy, then it will be trouble.
> > >
> > > I hope m0n0wall have a feature to block a certain domain all at once.
> > >
> > > Now the next question, since the m0n0wall does not seem to be able
> > > to block one whole domain, if I put a real web portal such as
> > > dansguardian to filter what websites can be accessed, shoud I put it
> > > between ADSL modem and Firewall or should I put it behind firewall?
> >
> > You are missing the point.  You are trying to keep people out of a
> > strip club by hiding the phone book.  And badly as well.  The client
> > PC does a DNS request to m0n0wall, as that is the DNS server for the
> > client PC.
> > Assuming you do not have www.facebook.com locally, m0n0wall will do a
> > request to the ISP DNS server.  They in turn will look at an
> > authoritative name server, and eventually that will look at the
> > facebook server.  But
> the
> > client PC only ever looks to m0n0wall for name resolution.
> >
> > What you need to block are IP addresses.  If you ping facebook.com you
> will
> > get something close to 69.63.184.142, which was different from the
> > last time I pinged it.  If you do an 'nslookup 69.63.184.142' you will
> > see it is www-10-03-ash1.facebook.com, or part of a cluster.  If you
> > do a 'whois 69.63.184.142' you get;
> >
> >
> > OrgName:    Facebook, Inc.
> > OrgID:      THEFA-3
> > Address:    156 University Ave, 3rd floor
> > City:       Palo Alto
> > StateProv:  CA
> > PostalCode: 94301
> > Country:    US
> >
> > NetRange:   69.63.176.0 - 69.63.191.255
> > CIDR:       69.63.176.0/20
> > OriginAS:   AS32934
> > NetName:    TFBNET2
> > NetHandle:  NET-69-63-176-0-1
> > Parent:     NET-69-0-0-0-0
> > NetType:    Direct Assignment
> > NameServer: DNS04.SF2P.TFBNW.NET
> > NameServer: DNS05.SF2P.TFBNW.NET
> >
> >
> > The important part is the CIDR whis is the netblock for all of facebook.
> >   Blocking 69.63.176.0/20 will block facebook right now.  It will not
> block
> > them if they move, and it may block other stuff for some.  If you do
> > that with my company website you get;
> >
> > OrgName:    GoDaddy.com, Inc.
> > OrgID:      GODAD
> > Address:    14455 N Hayden Road
> > Address:    Suite 226
> > City:       Scottsdale
> > StateProv:  AZ
> > PostalCode: 85260
> > Country:    US
> >
> > NetRange:   72.167.0.0 - 72.167.255.255
> > CIDR:       72.167.0.0/16
> > OriginAS:   AS26496
> > NetName:    GO-DADDY-SOFTWARE-INC
> > NetHandle:  NET-72-167-0-0-1
> > Parent:     NET-72-0-0-0-0
> > NetType:    Direct Allocation
> > NameServer: CNS1.SECURESERVER.NET
> > NameServer: CNS2.SECURESERVER.NET
> > NameServer: CNS3.SECURESERVER.NET
> >
> >
> > I do not work for GoDaddy.
> >
> > So, yes you can do this quick and dirty in m0n0wall.  To do it right,
> > you need a web filter of some kind.
> >
> > 			Lee
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
smime.p7s (4.1 KB, application/x-pkcs7-signature)