numbers, and alias the lot on their web site - this would increase the number of blocked addresses needed. It might also be a good idea to run some proxies on unusual ports (eg. smtp, DNS, pop, ftp ports) (although of course this will then need to be a dedicated proxy machine) - again this would increase the size of the blacklist that the Germans must use,
Of course if they're simply denying all traffic to a given network, a different port isn't going to make any difference. :)
and may involve some awkward router programming (for example, a router might be configured to allow all DNS traffic - if a proxy is sitting on the DNS port, then things get a bit difficult to set up). Of course, netscape probably won't allow use of these ports (it certainly doesn't allow the use of port 79).
I think the restriction on port 79 (the finger daemon port) was because there still are a lot of fingerd's with buffer overrun holes and it was just too easy to use netscape to exploit them. Jeff or another of the people from NS probably can give the full explanation. --- Fletch __`'/| fletch@ain.bls.com "Lisa, in this house we obey the \ o.O' ______ 404 713-0414(w) Laws of Thermodynamics!" H. Simpson =(___)= -| Ack. | 404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43 U ------