Web filter a runaway success: Exetel

Easy bypasses bitter-sweet for government

Internet content filtering could cost users about $6 a year and cause no network disruption, according to results from a trial of the technology by ISP Exetel.

The filters performed flawlessly during the six-day trial, which ran separate to the government's filter pilot and concluded today. It recorded no false positives from some 20,000 hits against a blacklist of alleged child porn Web sites, and had “no measureable impact on any Exetel router”.

Exetel managing director John Linton said the 20,000 hits are bitter-sweet for the federal government, assuming each is considered an attempt to access an IP range connected to child porn Web site, because the filters could still be negated by anyone "mildly technically competent".

"This trial also demonstrated why a child pornography filter is necessary; if you consider that Exetel has only around 1 percent of Internet users in Australia then you might be more than a little surprised at how many paedophiles that implies there are," Linton said on his blog

"Trials will not stop the mildly technically competent internet users availing themselves of the myriad of tools to use some form of remote proxy to access any list of blocked sites.

"Basically [the federal government] will have to decide on shelving blacklisting child pornography or they have to scrap their ACMA list and find a substitute that is acceptable to the senate and the wavering Labor voters before the next election," he said. "They no longer have the cop out of 'it won't work technically'".

Exetel launched the mandatory filtering trial last week to assess first hand the performance and financial impact of applying content filtering to its network. It used the WatchDog International Web filter, which is featured on the government-prescribed list, and used its blacklist which the ISP says is similar to that used by the UK's Internet Watch Foundation.

Network engineer Steve Waddington said in the ISP's forums the trial was run irrespective of the views of its subscribers or management.

“Yes, yes, I know content filtering is a travesty of our rights (...to watch porn), thought control by fascist regimes, a return to the dark ages, etc. And, as I have argued elsewhere, not something I agree with - it being inappropriate, in my opinion, to use technology as both scapegoat and cure for a social problem,” Waddington said in an Exetel blog

“Nevertheless, should ... Rudd mandate it, we, the people who will have to put it in place at Exetel, need to know how to do that. So, agree with it in principle or not, a trial of the technology before that happens is a sensible thing to do.”

Exetel claimed the filter trial had to be mandatory as an opt-in pilot would be “technically infeasible”.

The 56 problems recorded in the trial were not caused by the filters, and the ISP did not notice reduction in network speeds.

The filters used a BGP session between Exetel and the filtering server which resolves the blacklist to IP address and announces the addresses as /32 prefixes. ISP traffic requesting access to blacklisted are directed to the filter server which itself acts as a simple proxy for any whitelisted URL.

Exetel reported the configuration “imposes virtually no extra load on any part of the ISP network” and avoids overblocking: “it is hard to see how even a low end server would not be able to meet the demands of a very large ISP,” Waddington said. “It places so little load, and needs so little bandwidth, that for the trial we created a tunnel between our border router and a Watchdog filter server in New Zealand to make them look adjacent.”

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags internet content filter

More about etworkInternet Watch Foundation

Show Comments