Suppose you have access to your firewall and you want to block Facebook.
Then you need to get their prefixes which you can find out their ASN.
You can find out their asn from traceroute:
Of course, If I was a determined user, I could use any of the free proxies out there rendering this whole post moot (DPI anyone?).
Then you need to get their prefixes which you can find out their ASN.
You can find out their asn from traceroute:
Which you can verify with tools such as these$ traceroute -n -A www.facebook.com .... 14 4.69.149.82 [AS3356] 630.713 ms 633.180 ms 4.69.149.146 [AS3356] 629.633 ms 15 4.53.112.58 [AS3356] 578.959 ms 580.703 ms 579.624 ms 16 204.15.20.120 [AS32934/AS10753] 577.604 ms 557.247 ms 636.807 ms 17 74.119.76.67 [AS32934] 633.454 ms 74.119.76.186 [AS32934] 602.556 ms 603.583 ms 18 74.119.76.197 [AS32934] 634.461 ms 74.119.76.205 [AS32934] 634.431 ms 74.119.77.55 [AS32934] 702.079 ms 19 69.63.190.10 [AS32934/AS10753] 701.423 ms 700.644 ms 700.937 ms
Then you'd get their prefixes using a lookup service$ dig +short AS32934.asn.cymru.com TXT "32934 | US | arin | 2004-08-24 | FACEBOOK - Facebook, Inc."
You can then feed the prefixes into your firewall.$ lynx --dump https://www.dan.me.uk/bgplookup?asn=32934 2>&1 | grep AS32934 IPv4 Prefixes seen at AS32934: 204.15.20.0/22 [AS32934] 2620:0:1c00::/40 [AS32934] 66.220.144.0/21 [AS32934] 66.220.152.0/21 [AS32934] 66.220.159.0/24 [AS32934] 69.171.224.0/20 [AS32934] 69.171.239.0/24 [AS32934] 69.171.240.0/20 [AS32934] 69.171.255.0/24 [AS32934] 69.63.176.0/21 [AS32934] 69.63.184.0/21 [AS32934] 74.119.76.0/22 [AS32934]
Of course, If I was a determined user, I could use any of the free proxies out there rendering this whole post moot (DPI anyone?).
No comments:
Post a Comment