Forums, Facebook, Google, Twitter

May 20, 2008
11,400
99
Syracuse, NY, USA
I logged onto the forums at 15:40:24 while logging IP traffic between my computer and 172.217.*.* (Google), 31.13.*.* (Facebook), and 199.16..*.* (Twitter) and walked away from the computer for 10 minutes. When I returned, I found 729 connections, extending over a period of 2.5 minutes, 545 with Google, 139 with Facebook, and 45 with Twitter.

I'd expect a few connections at first (to get icons, at least). But I must wonder ... what else is going on? I'm not complaining. I just want to know how it works.

The log file (not particularly interesting) is attached.
 

Attachments

  • connections.txt
    47.6 KB · Views: 95
May 20, 2008
11,400
99
Syracuse, NY, USA
Enabling Quantum's "Tracking Protection" got rid of the Facebook and Twitter connections with no ill effects (so far).
upload_2017-11-20_16-40-21.png

Firewalling outbound connections to a few (64K) Google hosts took care of the Google ones, again with no ill effects (so far).
Navigating the forums is a little faster.
 
Apr 2, 2011
1,441
10
54
North Carolina, USA
How would I determine the range for firewalling outbound connections for Google; I do use Gmail. etc for email.....

Is there a chance that @vefatica could export his google outbound rules and I could test his? I do not really want to play around with the firewall.....
 
May 20, 2008
11,400
99
Syracuse, NY, USA
These are the commands I used (elevated) to create the filters. I'll attach an export if I can get one.
Code:
netsh advfirewall firewall add rule name=aagoogle_ dir=out action=block enable=yes localip=any remote=172.217.0.0/16
netsh advfirewall firewall add rule name=aagoogle2_ dir=out action=block enable=yes localip=any remote=216.58.192.0/19
Whether the'll work for you is very iffy. Google's network is vast.

I figured all this out by brute force and trial and error (and with my fingers crossed). If you have a packet sniffer, just filter for ports 443 and 80 and connect to the forums. You might want to try Microsoft's "Message Analyzer" (supposed replacement for "Network Monitor"). It's free and easy to install (need a reasonably new DotNet). I haven't mastered it's use.

You can also do "ipconfig /displaydns". I have no Google hosts in there normally (verify that). After connecting to the forums, I have several (but do that soon after connecting because those entries don't have a very long "time-to-live".. Just looking at the source for the forums's home page, I see
Code:
<link href='//fonts.googleapis.com/css?family=PT+Sans:400,700|Open+Sans:400,700' rel='stylesheet' type='text/css'>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>

Once you have a few google IPs, you can go to www.arin.net and use their "whois" service (or your own whois if you have one) to get IP ranges.

Good luck. Please let us know how you make out.

Exported GOOGLERULES.TXT is attached.
 

Attachments

  • googlerules.txt
    257 bytes · Views: 96
Apr 2, 2011
1,441
10
54
North Carolina, USA
ipconfig /displaydns > displaydns.txt is attached....
 

Attachments

  • displaydns.txt
    583.9 KB · Views: 100
May 20, 2008
11,400
99
Syracuse, NY, USA
ipconfig /displaydns > displaydns.txt is attached....
Looking at that, it doesn't look like you were connected to the forums when you collected that data. When not connected to the forums, I see nothing.
Code:
v:\> ipconfig /displaydns | grep google

v:\>

When connected to the forums, I see
Code:
v:\> ipconfig /displaydns | grep google | grep -v Record | sort | uniq
    ajax.googleapis.com
    apis.google.com
    clients.l.google.com
    clients1.google.com
    fonts.googleapis.com
    googleadapis.l.google.com
    googleapis.l.google.com
    gstaticadssl.l.google.com
    plus.google.com
    plus.l.google.com
    www.google.com

v:\>

I have a utility called WHOISIP.EXE (free). Wrapped in an alias (wi) and used on those hostnames, I get a good idea what IPs to try blocking.
Code:
v:\> do host in @clip: (wi %host & echo.)
Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         216.58.192.0/19
From IP:      216.58.192.0
To IP:        216.58.223.255
CIDR:           216.58.192.0/19
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         216.58.192.0/19
From IP:      216.58.192.0
To IP:        216.58.223.255
CIDR:           216.58.192.0/19
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         216.58.192.0/19
From IP:      216.58.192.0
To IP:        216.58.223.255
CIDR:           216.58.192.0/19
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US

Country:      USA - California
Owner Name:   Google LLC
CIDR:         172.217.0.0/16
From IP:      172.217.0.0
To IP:        172.217.255.255
CIDR:           172.217.0.0/16
Country:        US
 
Apr 2, 2011
1,441
10
54
North Carolina, USA
c:\> ipconfig /displaydns > displaydns.txt
while connected to this thread....
and using the HOSTS file from the first website earlier in this thread, think posted today.
 

Attachments

  • displaydns.txt
    585 KB · Views: 106
Similar threads
Thread starter Title Forum Replies Date
Fross Did The Forums Go Back In Time? Support 6
vefatica Forums? Support 6
Alpengreis [Forum] Mark forumS (all!) read Support 2
C Problem navigating forums Support 11
vefatica Watched forums? Support 2
vefatica Forums slow? Support 2
vefatica Does TCC know I'm visiting the forums? Support 76
vefatica Forums OK? Support 2
rconn News Website & Forums now running PHP 7 Support 0
vefatica What happened to the forums? Support 1
rconn News HTTP to HTTPS for JP Software web site & forums Support 3
rconn Forums back up Support 0
M Forums appear empty if I'm not logged in Support 2
rconn News JP Software Forums Update Support 3
S How to? Receive notice of new forums automatically Support 1
vefatica Does uploading to the forums work? Support 2
S WAD "Mark Forums Read" fails Support 4
rconn Forums -> Blog link Support 0
rconn Forums under repair this evening Support 2
rconn Forums upgrade Support 0
rconn Web site and forums offline Saturday evening, January 2, 2010 Support 0
C Rex: Missing email messages from all forums Support 7
p.f.moore Broken email access to these forums - finally giving up Support 4
vefatica All emails from JP Software Forums Support 0
vefatica Forums, settings awry again Support 1
vefatica From: "JP Software Forums" (why) Support 5
mscheuner RSS-enable these forums, please! Support 2
rconn Take Command / Facebook public beta Support 5
fpefpe (the new) google drive Support 15
C Google intregration error Support 4
C Google Sendmail ? Support 15
rconn News Google translation Support 4
Jay Sage Problem Launching Google Earth from TCMD Support 17

Similar threads