Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
How does this solution affect websites that require the doubleclick cookies or whatever to function properly? Some websites refuse to work unless you have their ad provider's cookies. -Josh On Oct 3, 2005, at 12:53 PM, Rich Braun wrote: > I finally got fed up with seeing "waiting for ad.doubleclick.net" > or the like > at the bottom of my browser window: I've noticed this month that a > lot of the > adware sites seem to have sluggish performance. So even if you > have one of > those snazzy 6-megabit cable modem connections, you're still > crawling along at > 256K DSL performance so much of the time. > > I did a little searching and came up with a solution that works for > all the > PCs in my household (be they Linux or Windows or whatever). > Thought I'd share > it with y'all and invite comments; thought I got ideas for this via > Google, I > didn't find an exact match for what I wanted to accomplish, despite > how widely > useful this technique is. > > If you're not running a local DNS (BIND 9), you can set one up > easily enough > by setting up a named.conf file with the lines I've included below. > (References to files like named.root and db.127 I'll leave as an > exercise for > the reader.) > > My strategy to block adware is to create a local DNS zone for each > nefarious > domain, pointing it (and all subdomains) at the loopback address > 127.0.0.1. > That will block sites at the local PC: your browser will not > generate ANY > network traffic to those sites, and therefore won't hang around > waiting for > some sluggish banner server to come up. > > I don't yet have a strategy for maintaining the list of domains > that need to > be blocked, though; that's where I could use suggestions. > > -rich > > ---- /etc/named.conf > // ACL defining list of legitimate user IP's on local LAN > // We use this to prevent anyone from hacking our DNS from outside > // regardless of firewall configuration > acl lan-users { 127.0.0.1; 192.168.2.1; 192.168.2.2; 192.168.2.3; }; > options { > directory "/etc/named.dir"; > transfer-format one-answer; > allow-query { lan-users; }; > }; > acl can_query { any; }; > > zone "." { > type hint; > file "named.root"; > }; > > zone "2.168.192.in-addr.arpa" { > type master; > file "db.192.168.2"; > allow-query { lan-users; }; > allow-transfer { lan-users; }; > }; > zone "127.in-addr.arpa" { > type master; > file "db.127"; > allow-query { lan-users; }; > allow-transfer { lan-users; }; > }; > include "blocked-zones.conf"; > > > ---- /etc/named.dir/blocked-zones.conf > // Zones we want to block for browsing performance reasons > // $Id: blocked-zones.conf,v 1.1 2005/10/03 01:04:23 richb Exp richb $ > > zone "advertising.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "ar.atwola.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "ad.doubleclick.net" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "ad.doubleclick.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "www.activesearch.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "www.actualnames.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "www.ad-up.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "www.adminder.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "adwords.google.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > zone "hitbox.com" { type master; file "dummy-block"; > allow-query { lan-users; }; }; > > > ---- /etc/named.dir/dummy-block > ; $Id: dummy-block,v 1.1 2005/10/03 01:04:53 richb Exp $ > > ; $TTL 24h > > ; Change the SOA record to match your server name and admin address > @ IN SOA envoy.ci.net. admin.pioneer.ci.net. ( > 2005100200 86400 300 604800 3600 ) > > @ IN NS envoy-e0.ci.net. > @ IN A 127.0.0.1 > * IN A 127.0.0.1 > > _______________________________________________ > Discuss mailing list > Discuss at blu.org > http://olduvai.blu.org/mailman/listinfo/discuss >
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |