You can use a host file in Windows or Linux per desktop (and even smartphone/tablet with root access), but this can get overwritten and you will have to modify the file across every desktop in your environment.
Another drawback to this method is handling subdomains. There is no easy method to create a wildcard block for subdomains. For instance:
If you use a Linux based firewall like IPCop, you can use dnsmasq to banish subdomains to 127.0.0.1. Here's my method:
First, you need IPCop up and configured. This should be relatively straightforward, but if you need help, do a bit of Googling to get it. You will also need working knowledge of SSH and VI
Second, SSH into IPCop. You will want to vi into your /var/ipcop/dhcp/dnsmasq.local
We will also want to enter the addresses that we want to block. For instance, if we want to block anything.blahblah.com we will do this
address=/.blahblah.com/127.0.0.1
Enter any address lines below that and save the file. Here is an example of my dnsmasq.local
# Used for private dnsmasq (DHCP) options.
# See dnsmasq manual http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
# After making modifications restart the DHCP server using the web interface
# or restartdhcp.
# Changes made will then propagate to the DHCP server.
# dnsmasq Google Public DNS
server=8.8.8.8
address=/.2o7.net/127.0.0.1
address=/.adbrite.com/127.0.0.1
address=/.addthis.com/127.0.0.1
address=/.admeld.com/127.0.0.1
address=/.adnxs.com/127.0.0.1
address=/.adzerk.net/127.0.0.1
address=/.bluekai.com/127.0.0.1
address=/.clickbank.net/127.0.0.1
address=/.criteo.com/127.0.0.1
address=/.crsspxl.com/127.0.0.1
address=/.crwdcntrl.net/127.0.0.1
address=/.disqus.com/127.0.0.1
address=/.doubleclick.com/127.0.0.1
address=/.doubleclick.net/127.0.0.1
address=/.effectivemeasure.net/127.0.0.1
address=/.esm1.net/127.0.0.1
address=/.estat.com/127.0.0.1
address=/.exelator.com/127.0.0.1
address=/.gigya.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.imrworldwide.com/127.0.0.1
address=/.kinja.com/127.0.0.1
address=/.linkbucks.com/127.0.0.1
address=/.liveadvert.com/127.0.0.1
address=/.livefreetimenews.com/127.0.0.1
address=/.mail-corp.com/127.0.0.1
address=/.mktoresp.com/127.0.0.1
address=/.ooyala.com/127.0.0.1
address=/.optimizely.com/127.0.0.1
address=/.outbrain.com/127.0.0.1
address=/.owneriq.com/127.0.0.1
address=/.paresly.com/127.0.0.1
address=/.quantserve.com/127.0.0.1
address=/.res-x.com/127.0.0.1
address=/.revsci.net/127.0.0.1
address=/.scorecardresearch.com/127.0.0.1
address=/.searchmarketing.com/127.0.0.1
address=/.shareaholic.com/127.0.0.1
address=/.sitemeter.com/127.0.0.1
address=/.statcounter.com/127.0.0.1
address=/.techcrunch.com/127.0.0.1
address=/.tklist.net/127.0.0.1
address=/.triggit.com/127.0.0.1
address=/.tynt.com/127.0.0.1
address=/.xiti.com/127.0.0.1
address=/.yieldmanager.com/127.0.0.1
address=/.po.st/127.0.0.1
address=/.zdbb.net/127.0.0.1
address=/.newrelic.com/127.0.0.1
address=/.stipple.com/127.0.0.1
address=/.invitemedia.com/127.0.0.1
address=/.rubiconproject.com/127.0.0.1
address=/.casalemedia.com/127.0.0.1
address=/.adsonar.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.vizu.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.mixpo.com/127.0.0.1
address=/.yadro.ru/127.0.0.1
Now we save and restart the dnsmasq
killall dnsmasq
and then restart dnsmasq
dnsmasq
Also, flush your DNS on your main desktop. You will now be unsuccessful at pinging the domain or any subdomain under it.
For instance:
C:\Users\binarypower>ping outbrain.com
Pinging outbrain.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Another drawback to this method is handling subdomains. There is no easy method to create a wildcard block for subdomains. For instance:
- ads1.spammycompany.com
- ads2.spammycompany.com
- ads3.spammycompany.com
- bannerhosting321.spammycompany.com
If you use a Linux based firewall like IPCop, you can use dnsmasq to banish subdomains to 127.0.0.1. Here's my method:
First, you need IPCop up and configured. This should be relatively straightforward, but if you need help, do a bit of Googling to get it. You will also need working knowledge of SSH and VI
Second, SSH into IPCop. You will want to vi into your /var/ipcop/dhcp/dnsmasq.local
vi /var/ipcop/dhcp/dnsmasq.local
vi /var/ipcop/dhcp/dnsmasq.local
We need to set the DNS manually, I prefer the Google DNS 8.8.8.8
# dnsmasq Google Public DNS
server=8.8.8.8
We will also want to enter the addresses that we want to block. For instance, if we want to block anything.blahblah.com we will do this
address=/.blahblah.com/127.0.0.1
Enter any address lines below that and save the file. Here is an example of my dnsmasq.local
# Used for private dnsmasq (DHCP) options.
# See dnsmasq manual http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
# After making modifications restart the DHCP server using the web interface
# or restartdhcp.
# Changes made will then propagate to the DHCP server.
# dnsmasq Google Public DNS
server=8.8.8.8
address=/.2o7.net/127.0.0.1
address=/.adbrite.com/127.0.0.1
address=/.addthis.com/127.0.0.1
address=/.admeld.com/127.0.0.1
address=/.adnxs.com/127.0.0.1
address=/.adzerk.net/127.0.0.1
address=/.bluekai.com/127.0.0.1
address=/.clickbank.net/127.0.0.1
address=/.criteo.com/127.0.0.1
address=/.crsspxl.com/127.0.0.1
address=/.crwdcntrl.net/127.0.0.1
address=/.disqus.com/127.0.0.1
address=/.doubleclick.com/127.0.0.1
address=/.doubleclick.net/127.0.0.1
address=/.effectivemeasure.net/127.0.0.1
address=/.esm1.net/127.0.0.1
address=/.estat.com/127.0.0.1
address=/.exelator.com/127.0.0.1
address=/.gigya.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.imrworldwide.com/127.0.0.1
address=/.kinja.com/127.0.0.1
address=/.linkbucks.com/127.0.0.1
address=/.liveadvert.com/127.0.0.1
address=/.livefreetimenews.com/127.0.0.1
address=/.mail-corp.com/127.0.0.1
address=/.mktoresp.com/127.0.0.1
address=/.ooyala.com/127.0.0.1
address=/.optimizely.com/127.0.0.1
address=/.outbrain.com/127.0.0.1
address=/.owneriq.com/127.0.0.1
address=/.paresly.com/127.0.0.1
address=/.quantserve.com/127.0.0.1
address=/.res-x.com/127.0.0.1
address=/.revsci.net/127.0.0.1
address=/.scorecardresearch.com/127.0.0.1
address=/.searchmarketing.com/127.0.0.1
address=/.shareaholic.com/127.0.0.1
address=/.sitemeter.com/127.0.0.1
address=/.statcounter.com/127.0.0.1
address=/.techcrunch.com/127.0.0.1
address=/.tklist.net/127.0.0.1
address=/.triggit.com/127.0.0.1
address=/.tynt.com/127.0.0.1
address=/.xiti.com/127.0.0.1
address=/.yieldmanager.com/127.0.0.1
address=/.po.st/127.0.0.1
address=/.zdbb.net/127.0.0.1
address=/.newrelic.com/127.0.0.1
address=/.stipple.com/127.0.0.1
address=/.invitemedia.com/127.0.0.1
address=/.rubiconproject.com/127.0.0.1
address=/.casalemedia.com/127.0.0.1
address=/.adsonar.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.vizu.com/127.0.0.1
address=/.serving-sys.com/127.0.0.1
address=/.gravity.com/127.0.0.1
address=/.mixpo.com/127.0.0.1
address=/.yadro.ru/127.0.0.1
Now we save and restart the dnsmasq
killall dnsmasq
and then restart dnsmasq
dnsmasq
Also, flush your DNS on your main desktop. You will now be unsuccessful at pinging the domain or any subdomain under it.
For instance:
C:\Users\binarypower>ping outbrain.com
Pinging outbrain.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Users\binarypower>ping somestupidsubdomain.outbrain.com
Pinging somestupidsubdomain.outbrain.com [127.0.0.1] with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
No comments:
Post a Comment