Blocking youtube

Reply
Highlighted
L3 Networker

Perhaps just block Youtubes IP's?

Just a thought....

Highlighted
L6 Presenter

Unlikely to remain static, they have one of the largest CDN's in the world. Guaranteed those will not remain the same.

Also if you obtain the list of all Google IP's, you won't have a way to tell which are serving YouTube.

Please see:

Google IP address ranges - Google Apps Help

For a list of all google IP's, you could alternatively leverage information to create an EBL from radb.net and shadowserver.org. The idea is to create a cron script that hosts a clear text file from a web server like apache, (may need to tweak the output to adjust to EBL accepted format). Then will be periodically updated and fetched as follows:

mivaldi$ ping www.youtube.com

PING www.google.com (64.15.118.10): 56 data bytes

64 bytes from 64.15.118.10: icmp_seq=0 ttl=54 time=2.506 ms

^C

--- www.youtube.com ping statistics ---

1 packets transmitted, 1 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 2.506/2.506/2.506/0.000 ms

mivaldi$ whois -h asn.shadowserver.org "origin 64.15.118.10"

43515 | 64.15.112.0/20 | YOUTUBE | IE | google.com | YouTube LLC


Or search AS by name here:

http://bgp.potaroo.net/as1221/asnames.txt

...or here:

https://www.ultratools.com/tools/asnInfoResult?domainName=youtube


mivaldi$ whois -h whois.radb.net -- '-i origin AS43515' | grep ^route

route:      208.65.154.0/24

route:      208.65.155.0/24

route:      208.117.226.0/24

route:      208.117.234.0/24

route:      208.117.235.0/24

.

.

.

All known YouTube AS43515 IP's


... Also note that some AS like Google's may contain very long lists...

mivaldi$ whois -h whois.radb.net -- '-i origin AS15169' | grep ^route | wc -l

    6876

If it's a long list and may exceed your EBL limits (dependent on platform).


Note: Commands were run from Mac terminal. Will also work on Linux, or cygwin terminal on Windows.

Highlighted
L3 Networker

Well put! I just tried to see what it would look like so here is a snipped of what the PAN see's for that https traffic:

HTTPS

It is seeing at SSL but also the URL filter categorizes it properly so you maybe able to use the URL filter to block streaming-media.

Highlighted
L6 Presenter

This will not work with explorer 11

Highlighted
L3 Networker

I still think that blocking that category will resolve this issue. I just tried it with IE11:

Or maybe we just need to wait for PAN to update their definitions for this?

Highlighted
L6 Presenter

Maybe your browser setting is different.Select only ssl and try.You'll bypass blocking.

Browser.png

Highlighted
L1 Bithead

still cannot block youtube with explorer 11(if only you select ssl)

full decryption is done bot cannot block it.

 

Anyone can block ?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!