[LINK] Internet filtering plan may extend to peer-to-peer traffic, says Stephen Conroy

[Martin Barry]

$quoted_author = "Kim Holburn" ;
> 
> I see be 2 ways of doing it - by deep inspection or by using an  
> application firewall.  A full application firewall would have to  
> understand each protocol and with p2p I just don't see it as  
> possible. 

We're already at the point of talking about DPI just for filtering HTTP.

They want to restrict on URL rather than IP to minimise collateral damage.

This requires extracting the 'Host' header out of each HTTP request.


On another note, Conroy wavering away from the "we'll only block the ACMA
list" line is an interesting development. Up until now you could perhaps
make the case that he was just attempting to stop people accidently seeing
things they shouldn't, aware that anyone who really wanted access to that
site would work around the filter. Now, who knows what he's thinking? He
clearly has been briefed on the buzzwords but doesn't understand the tech.

cheers
marty

-- 
"Picture if you will, hundreds of Cisco switches, galloping wildly across
the server room, the herd turning as one to avoid the wily sysadmins
that are attempting to cull the weak and sick. The slowest switches
being captured and herded into racks, where they will spend the rest of
their days, passing traffic, dreaming of the freedom they used to have,
roaming free in the data center." --That Guy

alt.sysadmin.recovery - <KsmdnWRWsshmoNvYnZ2dnUVZ_s6dnZ2d at comcast.com>