water cooler :: Blocking ips/hosts



using firefox?
If so, install adblock or adblock plus. This is perhaps the most  vital firefox extension available. It's especially helpful due to its ability to use wildcards, so you can set a filter http://ads.* to block all subdomains named "ads", or */banners/* to block all content from any directory named "banners"

I've honestly never used the host access files in Linux, but it just seemed like it would be the easiest way to block a host from any access to your machine.  For banners in a web browser, however, I tend to just let the browser block them. This might have to change eventually, though. It seems the more time goes by, the tougher we need to get with security, privacy, and annoyances.

>Anyway I ran rc.firewall and configured it, but I can still see those banners/ads.

Sometimes the ip address is not the same as the web IP address, e.g this-ad.com will be different from www.this-ad.com.

As a last resort you could try peerguard.dsl i submitted some time ago. (It requires iptables.dsl, and you will have to comment out PORTS_NOT_TO_BLOCK=80 from PG.conf)

Quote (mikshaw @ Feb. 26 2007,11:40)
using firefox?
If so, install adblock or adblock plus.

No. I want it system wide.
For me, the easiest way to block access to certain hosts is to modify the /etc/hosts file.  To block ads from, say, www.adserver.com just add this line to the /etc/hosts file:

127.0.0.1    www.adserver.com

Or if you want to block a certain smutserver, then add:

127.0.0.1   www.smutserver.com

You get the point.  This maps the address of the adserver or smutserver to your local loopback 127.0.0.1, and produces an instant "cannont find server" rather than taking you to their site, regardless of their IP or www address.
A good sample file is available online that blocks thousands of adware sites.  Go to:

http://hostsfile.mine.nu/

for an example hosts file that contains over 50.000 ad sites.   It works without delay on a router/server even with minimal resources, and does not slow down your browsing.  It in fact speeds it up by not displaying all those resource hogging ad graphics.  On a desktop pc I would add entries to the /etc/hosts file judiciously, though, since it slows down a desktop machine for some reason if the /etc/hosts file is big.  I use this procedure with my floppfw router and it works well at blocking most ads.

keep in mind that if you happen to be running a webserver on your localhost, the 127.0.0.1 address is not the best choice. You'll probably want to change it to something that doesn't exist
Next Page...
original here.