From: Mike Jones on


My /etc/hosts file is becoming rather large, and as the list of addresses
I find I'm adding to it grows daily, I'm now looking for an alternative
way to sidetrack DNS away from a list of possible connections.

One of the key problems with /etc/hosts is that every entry needs to be a
full address, meaning blocking "spyonyou.net" won't block
"hahagotcha.spyonyou.net", and so on.

With iptables I could block *.spyonyou.* to cover all spyonyou addresses,
but with the size of /that/ list, although it would be smaller than my
existing /etc/hosts file, it would cost system performance as iptables
processed it with each request.

Is there a way to duplicate the zero-weight /etc/hosts technique, but in
such a way as I can block whole domains with a single entry, as above?

i.e.: Adding "spyonyou" redirects /all/ addresses with that in the address
string to 127.0.0.1 for a fast miss'n'drop.

--
*=( http://www.thedailymash.co.uk/
*=( For all your UK news needs.
From: J G Miller on
On Fri, 29 Jan 2010 23:04:56 +0000, Mike Jones wrote:

> One of the key problems with /etc/hosts is that every entry needs to be
> a full address, meaning blocking "spyonyou.net" won't block
> "hahagotcha.spyonyou.net", and so on.

If you are only doing all of this to block web sites, then why are you
not using a proxy viz squid with squid-guard?

<http://www.squidguard.ORG/>

You can even get ready built filter lists.

<http://www.squidguard.org/blacklists.html>

Obviously you need to set up your browser to go to the squid proxy
instead of directly out on to the wild and dangerous Internet.
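
An added example, not part of any post in this thread: a sketch of the difference between the exact-name lookup a hosts file gives and a domain list that also covers every subdomain, including collapsing an existing hosts file into that shorter list. The sample hosts data, the sink addresses and all function names are constructed for illustration.

```python
# Constructed sample of a blocking hosts file (not taken from the thread).
SAMPLE_HOSTS = """\
# ad/tracker blocks
127.0.0.1 localhost
127.0.0.1 spyonyou.net
127.0.0.1 hahagotcha.spyonyou.net www.spyonyou.net
0.0.0.0   ads.example.org   # inline comment
127.0.0.1 Tracker.Example.COM.
"""

SINK_ADDRS = {"127.0.0.1", "0.0.0.0", "::1"}     # assumed "block" targets
KEEP = {"localhost", "localhost.localdomain"}    # never treat these as blocked

def normalize(name):
    """Lower-case and drop the trailing root dot so names compare equal."""
    return name.strip().rstrip(".").lower()

def parse_hosts(text):
    """Return the hostnames that a hosts file points at a sink address."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # strip comments, split columns
        if len(fields) >= 2 and fields[0] in SINK_ADDRS:
            names.update(normalize(n) for n in fields[1:])
    return names - KEEP

def parent_domains(name):
    """Yield the name, then each parent on a label boundary: a.b.c, b.c, c."""
    labels = name.split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])

def is_blocked(name, domains):
    """Whole-label suffix match: 'notspyonyou.net' must not hit 'spyonyou.net'."""
    return any(p in domains for p in parent_domains(normalize(name)))

def compress(names):
    """Drop every entry that a listed parent domain already covers."""
    return sorted(n for n in names
                  if not any(p in names for p in list(parent_domains(n))[1:]))

if __name__ == "__main__":
    exact = parse_hosts(SAMPLE_HOSTS)
    domains = set(compress(exact))
    print(len(exact), "hosts entries ->", len(domains), "domain entries")
    for q in ("new.sub.spyonyou.net", "notspyonyou.net", "ads.example.org"):
        print(q, "| hosts:", q in exact, "| domain list:", is_blocked(q, domains))
```

Matching on whole labels rather than on a bare substring such as "spyonyou" keeps unrelated names that merely contain the string from being blocked by accident.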
From: Pascal Hambourg on
Hello,

Mike Jones wrote:
>
> With iptables I could block *.spyonyou.* to cover all spyonyou addresses,

How would you do that?
From: Mike Jones on
Responding to John Hasler:

> Use Privoxy. It will also block pretty much all advertising.


Looks interesting.

From: Mike Jones on
Responding to J G Miller:

> On Fri, 29 Jan 2010 23:04:56 +0000, Mike Jones wrote:
>
>> One of the key problems with /etc/hosts is that every entry needs to be
>> a full address, meaning blocking "spyonyou.net" won't block
>> "hahagotcha.spyonyou.net", and so on.
>
> If you are only doing all of this to block web sites, then why are you
> not using a proxy viz squid with squid-guard?
>
> <http://www.squidguard.ORG/>
>
> You can even get ready built filter lists.
>
> <http://www.squidguard.org/blacklists.html>
>
> Obviously you need to set up your browser to go to the squid proxy
> instead of directly out on to the wild and dangerous Internet.


Heading to that URL as I type.
