Block google page cache at firewall?

Hi folks. Been trying for awhile to block the google cache of pages which i'm sure you are all familiar with. If you go to google and do a search for the page URL, you can access the google cache of the page even if your firewall has the page itself blocked. How do I get around this? Gotta block!

Reply to
ridergroov
Loading thread data ...

Why do you allow google access if you don't want to allow search result access?

If this is a company, consider not allowing web access at all, except the specific individuals that have a business need for it.

Reply to
Leythos

"ridergroov" asked:

You trying to use a firewall to prevent google from caching pages you create? See,

formatting link
this information.

On the other hand, if you want to use your firewall to prevent this, you'll have to identify which firewall you use and wait for someone familiar with that firewall to offer an answer.

Hope this helps.

Jim Carlock Post replies to the group.

Reply to
Jim Carlock

Yes. And there are many, many other ways, too, to achive that.

Yours, VB.

Reply to
Volker Birk

Thank you all but I think you are confused. I'm trying to block Google's cache of other web pages. It is a service that they provide on their site. If you go to google.com and type the URL in of a page, you are offfered at the bottom to view GOogle's cache of the site. I'm not trying to block caching of google.

Reply to
ridergroov

Google uses various IPs from its netrange which do overlap with certain hosts. So you might try using an URL filter which filters for any IP in the hostname from their netrange.

Anyway, as Volker pointed out already, there are many other services like Google cache and you won't be able to filter them out without any rigorous whitelisting.

Reply to
Sebastian Gottschalk

LOL

Well, at least a NS lookup indicates that it's related to google.

What about Yahoo Cache? What about MSN Search Cache? What about literary thousands of other search engines?

Reply to
Sebastian Gottschalk

Block EVERYTHING form Google, and you will block the Google cache. Just tell your filtering system to block everything from google.com, and that will solve the problem, And block Yahoo as well, since they use Google from some of their results.

>
Reply to
Charles Newman

Look Dufus, you just described the BASIC functions that EVERY Firewall Appliance has always been able to do.

Reply to
Leythos

Wrong, I have tons of white/black lists, even ones assigned to specific groups of users in the firewall so that some use block list A and others use block list B.....

Oh, most of the firewall appliances on the market have had this ability for years, some more than 10.

Wrong again dufus, all of the real firewall appliances will work with NT Domain authentication and several others that Cyblock can't even think about.

Charles - you need to learn about more than NAT Routers, try a firewall once and you'll change your mind.

Oh, I can also filter content OUT of pages while showing the safe content, block downloads from websites based on type of file, block pages that have no official content type designation, etc....

Come back when you learn about firewalls.

Reply to
Leythos

You really need to get a software-based filtering system, such as CyBlock,that will block pages based on criteria you set. Hardware appliances just cannot do what CyBlock, SurfControl, WebSense, CyberSitter, WebWasher, and products like it can do. If you are SERIOUS about Web filtering, you NEED one of the afforemtioned products. It can filter Web sites far better than any hardware appliance can. The address, 72.14.203.104, for the Google cache, can be blocked with CyBlock under the category of "IP Address" or "Dotted Decimal", depending on which version of the program you have. Also, CyBlock can do one thing the hardware firewalls cannot. If you put the category of "Other" in the blocked list, it will by allow those sites under other categories in the "allow" list. That gives CyBlock a leg-up over ANY hardware appliance on the market. If you are in an NT domain, CyBlock can also support autthenication via NT domain, something hardware appliances have not learned yet.

Reply to
Charles Newman

Jesus wept......

Reply to
Greg Hennessy

"All" of us are not confused. I stand by my answer, the cached pages come from google itself and you will have to block google entirely to avoid this problem.

Some content filtering software or filtering appliances are capable of recognizing sites that hold cached content and blocking them. In a strict environment (say, public internet access for children at a shelter) I would enable this, which would in fact block many seach sites.

-Russ.

Reply to
Somebody.

What about a hosts file? For simple computer users, ie, I think webservers might present a problem, though, because you'll end up getting a lot of bogus hits when you block out items and if your serving 127.0.0.1 as a website.

Hosts files are available on Unix systems?

Jim Carlock Post replies to the group.

Reply to
Jim Carlock

at /etc/hosts - and on Windows systems at %SystemRoot%\\System32\\Drivers\\etc

Yours, VB.

Reply to
Volker Birk

By default, you can change it.

Besides that, HOSTS files are generally a bad idea. They're only limited to DNS, so neither simple IPs or bad content on an otherwise good server. It doesn't support RegExps, applies to every program (instead of just the webbrowser) and I don't think an 70s' mechanism used as shortcut before the invention of DNS is an adequate tool for security on a 00' system.

And you always need root/admin rights to update it.

On Windows it's even worse: it causes DNS cache misses, even some errors and at about 10.000 entries it will start to slow down the system.

Reply to
Sebastian Gottschalk

Host files are how things were done in the old days, and in some locations today, but the firewall acts as the final authority - meaning that if a user were to edit the host file, the firewall would still block them.

Reply to
Leythos

At the location specified in the value "DataBasePath" in [HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters], to be more precise.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

Yes. Maybe there are people, who are even changing _this_ setting ;-)

Yours, VB.

Reply to
Volker Birk

Hostfiles were used _initially_ on the Internet. Today's DNS was first proposed in the late 1970s (a couple of years before DOS, never mind windoze) as a replacement for the Internet hosts files that were maintained by SRI in Palo Alto and distributed to every host connected to the internet. The current DNS became the standard in 1983 (two years before windoze 1.0 was in stores - ten years before windoze discovered the concept of networking - and twelve years before windoze discovered the Internet. The oldest hosts file available now is RFC0267 from 22 November 1971. Where do you think microsoft got the _idea_ for a hosts file?

Things were getting out of hand by the mid 1980s. By 1985, there were 185 separate networks (3200 by the end of 1989, just over 72000 now). Can you imagine trying to maintain a global 'hosts' file today? There isn't even a global DNS listing - it's a distributed database, with pieces stored on tens of millions of servers world wide. See RFC1118 for some ancient clues.

Yeah, microsoft still hasn't figured out how to run users with lower privileges than those needed to screw up the operating system. They claim to be able to do so, but few systems are operated in that manner, because this b0rkes so much.

Old guy

Reply to
Moe Trin

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.