Prev: low end linux * follow up*
Next: Replacing /etc/hosts as a spyco 127.0.0.1 redirection address blocker ?
From: Mike Jones on 30 Jan 2010 07:46

Responding to Pascal Hambourg:

> Hello,
>
> Mike Jones wrote:
>>
>> With iptables I could block *.spyonyou.* to cover all spyonyou
>> addresses,
>
> How would you do that?

I forget now, but I played around with using iptables as a URL filter a while back.

The problem was the overhead. The longer the list, the slower the network. The /etc/hosts method has no visible overhead, but is clumsy when you build up a decent "collection" of banned addresses.

--
*=( http://www.thedailymash.co.uk/
*=( For all your UK news needs.

From: Pascal Hambourg on 30 Jan 2010 08:06

Mike Jones wrote:
> Responding to Pascal Hambourg:
>>
>> Mike Jones wrote:
>>> With iptables I could block *.spyonyou.* to cover all spyonyou
>>> addresses,
>>
>> How would you do that?
>
> I forget now, but I played around with using iptables as a URL filter a
> while back.

Do you mean using the 'string' match on HTTP connections? Or on DNS packets?

> The problem was the overhead.

Another problem is reliability.

From: J G Miller on 30 Jan 2010 17:23

On Sat, 30 Jan 2010 16:06:51 -0600, John Hasler wrote:

> Privoxy does far more than just block specified sites.

What are the advantages of Privoxy over SquidGuard?

From: Mike Jones on 30 Jan 2010 18:39

Responding to Pascal Hambourg:

> Mike Jones wrote:
>> Responding to Pascal Hambourg:
>>>
>>> Mike Jones wrote:
>>>> With iptables I could block *.spyonyou.* to cover all spyonyou
>>>> addresses,
>>>
>>> How would you do that?
>>
>> I forget now, but I played around with using iptables as a URL filter a
>> while back.
>
> Do you mean using the 'string' match on HTTP connections? Or on DNS
> packets?

Can't recall now. All I remember is adding a couple of hundred or so addresses and seeing my network grind to a halt. Mind you, that was on a P800.

--
*=( http://www.thedailymash.co.uk/
*=( For all your UK news needs.

From: Cat22 on 1 Feb 2010 21:29

Mike Jones wrote:
>
> My /etc/hosts file is becoming rather large, and as the list of addresses
> I find I'm adding to it grows daily, I'm now looking for an alternative
> way to sidetrack DNS away from a list of possible connections.
>
> One of the key problems with /etc/hosts is that every entry needs to be a
> full address, meaning blocking "spyonyou.net" won't block
> "hahagotcha.spyonyou.net", and so on.
>
> With iptables I could block *.spyonyou.* to cover all spyonyou addresses,
> but with the size of /that/ list, although it would be smaller than my
> existing /etc/hosts file, it would cost system performance as iptables
> processed it with each request.
>
> Is there a way to duplicate the zero-weight /etc/hosts technique, but in
> such a way as I can block whole domains with a single entry, as above?
>
> ie: Adding "spyonyou" redirects /all/ addresses with that in the address
> string to 127.0.0.1 for a fast miss'n'drop.
>

For Firefox, install Adblock Plus - works great!

Cat22

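An added example, not part of the thread or any poster's code: it contrasts the exact-name matching of /etc/hosts described in the quoted question with blocking by domain suffix, where one entry covers every subdomain and lookup cost does not grow with the list. It matches on DNS label boundaries rather than the substring wildcard the question mentions; the function names and hosts entries are constructed for illustration.

```python
# Added example: exact-match hosts lookup vs. domain-suffix blocking.
# The hosts entries and query names below are constructed sample data.

SAMPLE_HOSTS = """\
# constructed sample in /etc/hosts format
127.0.0.1   localhost
127.0.0.1   spyonyou.net
127.0.0.1   ads.tracker.example  tracker.example   # two names, one line
"""

def parse_hosts(text):
    """Return the set of names mapped to 127.0.0.1, localhost excluded."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) >= 2 and fields[0] == "127.0.0.1":
            names.update(n.lower().rstrip(".") for n in fields[1:])
    names.discard("localhost")
    return names

def hosts_blocks(name, blocked):
    """What /etc/hosts does: the full name must be listed."""
    return name.lower().rstrip(".") in blocked

def suffix_blocks(name, blocked):
    """Block a name if it, or any parent domain, is listed.

    One set lookup per label, so the cost depends on the depth of the
    queried name and not on how long the block list is.
    """
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

if __name__ == "__main__":
    blocked = parse_hosts(SAMPLE_HOSTS)
    for q in ("spyonyou.net", "hahagotcha.spyonyou.net",
              "notspyonyou.net", "example"):
        print(f"{q:28} hosts={hosts_blocks(q, blocked)!s:5} "
              f"suffix={suffix_blocks(q, blocked)}")
```

Matching whole labels keeps an unrelated name such as notspyonyou.net from being caught by the spyonyou.net entry.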