Decarn
asked on
How to block youtube base on IP address
Hi Folks,
I am trying to block youtube using our company's firewall. Unfortunately, the firewall does not have URL filtering and can only block based on IP. I did a nslookup on www.youtube.com and get a new set of IPs each day. I think the IP address which I block is not the actual IP of youtube but the DNS records in our DNS server which changes daily.
How can I get the actual IP to effectively block access to www.youtube.com?
I am trying to block youtube using our company's firewall. Unfortunately, the firewall does not have URL filtering and can only block based on IP. I did a nslookup on www.youtube.com and get a new set of IPs each day. I think the IP address which I block is not the actual IP of youtube but the DNS records in our DNS server which changes daily.
How can I get the actual IP to effectively block access to www.youtube.com?
ASKER
Hi stu0202,
Where did you get the list of IP range from? I will need evidence to show to the management that this is the correct IP address to block. The last thing I want is to have users complaining that non youtube sites are blocked as well.
Where did you get the list of IP range from? I will need evidence to show to the management that this is the correct IP address to block. The last thing I want is to have users complaining that non youtube sites are blocked as well.
There may be more IPs then just these but here is a link that might show some more info for you.
http://www.cidr-report.org/cgi-bin/as-report?as=AS36561
Again, opendns or a similar service would be easier becuase you can just block all sites that have streaming media, etc.
Hope this helps a bit
http://www.cidr-report.org/cgi-bin/as-report?as=AS36561
Again, opendns or a similar service would be easier becuase you can just block all sites that have streaming media, etc.
Hope this helps a bit
ASKER
Hi stu0202,
Thanks but I don't know how to interpret the report.
So does it means there is no effective way to block www.youtube based solely on the IP address?
A few other questions if I may, why does www.youtube.com has so many IP address and what is causing my DNS records in my DNS servers to keep changing? I have blocked the IP address of www.photobucket.com successfully but not youtube and I don't understand why.
I cannot use a third party DNS - company policy will not allow that. I'm looking at a quick and efficient means to block various websites but based on the existing infra and policies in my company, I have limited options. Any other suggestions is much appreciated.
Thanks but I don't know how to interpret the report.
So does it means there is no effective way to block www.youtube based solely on the IP address?
A few other questions if I may, why does www.youtube.com has so many IP address and what is causing my DNS records in my DNS servers to keep changing? I have blocked the IP address of www.photobucket.com successfully but not youtube and I don't understand why.
I cannot use a third party DNS - company policy will not allow that. I'm looking at a quick and efficient means to block various websites but based on the existing infra and policies in my company, I have limited options. Any other suggestions is much appreciated.
If you run your own DNS server, why not just create a DNS record for youtube.com on your DNS server, and point it at your company website?
ASKER
Hi Akahan,
Can you explain how I could do that? Thanks.
Can you explain how I could do that? Thanks.
ASKER
Apologies, I just check with my server admin. I can't use our DNS server because it is linked to the rest of the DNS server in our organization. adding a new zone will affect the rest of the sites.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
opendns.org if you want to give it a try