View previous topic :: View next topic |
Author |
Message |
slick Bodhisattva
Joined: 20 Apr 2003 Posts: 3495
|
Posted: Fri Mar 10, 2006 10:42 am Post subject: |
|
|
Be sure always check the (auto-updated) hosts-file for non-127. IPs. Otherwise an attacker can offer an adblock-service and if you use this he can change the IP from the website off your bank to his IP, simulate the bank-website and fish your inputs (= your money) |
|
Back to top |
|
|
Bigun Advocate
Joined: 21 Sep 2003 Posts: 2196
|
Posted: Wed May 24, 2006 12:09 pm Post subject: |
|
|
*bookmarked* _________________ "It's ok, they might have guns but we have flowers." - Perpetual Victim |
|
Back to top |
|
|
HeXiLeD Veteran
Joined: 20 Aug 2005 Posts: 1159 Location: Online
|
Posted: Sat May 27, 2006 5:22 pm Post subject: |
|
|
I have noticed one thing when using vmware, and that is that the linux hosts file does not block anything for vmware OS's.
am i wrong or its just my setup ?
what i mean is:
gentoo uses eth0 to connect to the internet and if i have; lets say http://support.microsoft.com in /etc/hosts, gentoo cannot connect to it as expected.
now i have vmware using eth0 in a promiscous mode and if i open the same url in any vmware operating system i get access to the page. In other words, vmware doesnt read /etc/hosts from linux.
Is there a way of changing this to make it read the linux hosts?
I have also started a topic here that in some way is kinda related to this question. _________________ Do you hear the sound of inevitability?
With age, comes great grumpiness and that, was 20 years ago...
CertFP: becbbd161d5a5c31de3c45171b77bf710911db29 / d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244 |
|
Back to top |
|
|
Bigun Advocate
Joined: 21 Sep 2003 Posts: 2196
|
Posted: Sat May 27, 2006 5:58 pm Post subject: |
|
|
You may have to change the hosts file in the VM. _________________ "It's ok, they might have guns but we have flowers." - Perpetual Victim |
|
Back to top |
|
|
HeXiLeD Veteran
Joined: 20 Aug 2005 Posts: 1159 Location: Online
|
Posted: Sat May 27, 2006 9:34 pm Post subject: |
|
|
yes i know. but the point was to use one hosts file only in linux to filter everything. _________________ Do you hear the sound of inevitability?
With age, comes great grumpiness and that, was 20 years ago...
CertFP: becbbd161d5a5c31de3c45171b77bf710911db29 / d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244 |
|
Back to top |
|
|
Archangel1 Veteran
Joined: 21 Apr 2004 Posts: 1212 Location: Work
|
Posted: Tue Jun 06, 2006 10:16 pm Post subject: |
|
|
I suspect it bypasses the Linux hosts file, so yes, you'd have to change the VM one.
What about if you use a different form of networking? I forget what it's called, but there's one where it has to communicate through the host rather than appearing to be on the network itself. That might turn the trick. _________________ What are you, stupid? |
|
Back to top |
|
|
Bigun Advocate
Joined: 21 Sep 2003 Posts: 2196
|
Posted: Thu Aug 31, 2006 4:57 pm Post subject: |
|
|
*bookmarked* _________________ "It's ok, they might have guns but we have flowers." - Perpetual Victim |
|
Back to top |
|
|
HeXiLeD Veteran
Joined: 20 Aug 2005 Posts: 1159 Location: Online
|
Posted: Wed Apr 28, 2010 4:59 am Post subject: |
|
|
My current update is available here with 137.535 entries.
It's a new archive and with wiki page. _________________ Do you hear the sound of inevitability?
With age, comes great grumpiness and that, was 20 years ago...
CertFP: becbbd161d5a5c31de3c45171b77bf710911db29 / d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244 |
|
Back to top |
|
|
slick Bodhisattva
Joined: 20 Apr 2003 Posts: 3495
|
Posted: Wed Jun 09, 2010 9:02 am Post subject: |
|
|
Jesse wrote: | Is this really sane? It slows my webbrowsing to an utter crawl. |
Install a small Webserver on 127.0.0.1 and point the document root to a empty directory. This is fast, because the browser get a 404 directly. |
|
Back to top |
|
|
Chiitoo Administrator
Joined: 28 Feb 2010 Posts: 2574 Location: Here and Away Again
|
Posted: Thu Dec 30, 2010 4:12 pm Post subject: |
|
|
KenTI wrote: | i use both opera and firefox, and when i was using privoxy (with the default configuration still, i wasn't able to manage tweaking it ) i noticed that privoxy really slowed down browsing
now using opera just with the hosts filter works even faster than firefox, it is a bit complicated to look up for the url of each banner (especially for flash, with adblock you just have to click on the label that appears on the side of the ad) |
I realize the age of the post I'm quoting (is from 2004), but I thought I'd mention this snippet from the FAQ at the Privoxy website, which helped me and might help someone strolling around here some day!
http://www.privoxy.org/faq/trouble.html#GENTOO-RICERS wrote: |
5.23. I compiled Privoxy with Gentoo's portage and it appears to be very slow. Why?
Probably you unintentionally compiled Privoxy without threading support in which case requests have to be serialized and only one can be served at the same time.
Check your "USE" flags and make sure they include "threads". If they don't, add the flag and rebuild Privoxy.
If you compiled Privoxy with threading support (on POSIX-based systems), the "Conditional #defines" section on http://config.privoxy.org/show-status will list "FEATURE_PTHREAD" as "enabled".
|
Btw., only now I noticed the #GENTOO-RICERS haha!
Anyways, I hope this helps!
Works nicely for me. :] _________________ Kindest of regardses. |
|
Back to top |
|
|
user Apprentice
Joined: 08 Feb 2004 Posts: 202
|
|
Back to top |
|
|
slick Bodhisattva
Joined: 20 Apr 2003 Posts: 3495
|
Posted: Fri Dec 31, 2010 9:29 am Post subject: |
|
|
to add all with 127.0.0.1 to /etc/hosts simply do:
Code: | lynx --dump "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0" | grep "^zone " | cut -d "\"" -f 2 | while read host ; do echo "127.0.0.1 $host" >> /etc/hosts ; done |
|
|
Back to top |
|
|
Sadako Advocate
Joined: 05 Aug 2004 Posts: 3792 Location: sleeping in the bathtub
|
Posted: Sun Jan 02, 2011 2:40 am Post subject: |
|
|
Something else you can do, block via ip address using iptables with ipsets, www.bluetack.co.uk has some extensive lists, not just for blocking adds but potentially hostile or privacy-invading hosts too.
I have that along with dnsmasq with a large hosts file (as discussed in this thread) and privoxy (which blocks most adds for me anyways) on my router. _________________ "You have to invite me in" |
|
Back to top |
|
|
HeXiLeD Veteran
Joined: 20 Aug 2005 Posts: 1159 Location: Online
|
Posted: Sat Dec 31, 2011 2:13 am Post subject: |
|
|
Updated today with 294278+ entries @ http://nixbits.net/wiki/Hostsfile _________________ Do you hear the sound of inevitability?
With age, comes great grumpiness and that, was 20 years ago...
CertFP: becbbd161d5a5c31de3c45171b77bf710911db29 / d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244 |
|
Back to top |
|
|
lostinplace n00b
Joined: 22 Dec 2012 Posts: 2
|
Posted: Fri Aug 02, 2013 2:39 am Post subject: |
|
|
RedBeard0531 wrote: | I know that this is an unpopular opinion, but this is a VERY bad idea. Those adds are there for a reason. that page that is giving you free information is trying to make somemoney, and is probrobly barley covering the bandwidth. Imagine if everyone did this. It might mean the end of the free internet. I have no problem blocking popups because they are annoying, but are the ad bars THAT annoying? Im not trying to preach, I just want to pointout some of the consequenses of this. |
Another way to look at it would be...
I pay for my bandwidth, just like many other users. Particularly rural users who might use cellular service, or in countries with tax on bandwidth. I also usually find the most ads on sites that are selling things themselves.
Perhaps the sites that have a sprinkling of discrete ads are not so(or at all) annoying, such as the small add text above my personal gmail account, even when it offers me things that make me blush. However the vast majority of the internet, and the world outside the box for that matter, splash ads on like a five year old finger painting. (I could at this point interject something about the cable co charging me to watch commercials it charges millions of dollars to air, but I wont.) Chances are, if you're using your cell phone to hit such a web site, it cost you more than that entity made.
Even when I'm not blocking ads, I'm still not looking at them, or clicking them. I am however chewing up my bandwidth, taxing my ISP, and being subliminally predisposed to a fetish to buy Prada, hit the gym, and order a sex doll. And all while simply trying to determine which roses mean friendly apology not secret stalker so my secretary doesn't get me shipped off to some P-C workplace courses. The flowers ultimately costs me $80 from the florist site, and a few hundred from the Prada and the sex doll (can't hit the gym, UPS is coming) that brought said florist's gross from $80 to $80.08.
Drop the ads, put up a donation button, and explain its the button or 10 ads, and you'll probably get at least $1 a click instead of $.01. But don't expect to convince me it's a bad idea to block the 'Bomb building for dummies' ads my garden supply store blasts at me every time I give them $200 for fertilizer for my tomatoes. |
|
Back to top |
|
|
HeXiLeD Veteran
Joined: 20 Aug 2005 Posts: 1159 Location: Online
|
Posted: Fri Aug 02, 2013 6:32 pm Post subject: |
|
|
RedBeard0531 wrote: | I know that this is an unpopular opinion, but this is a VERY bad idea. Those adds are there for a reason. that page that is giving you free information is trying to make somemoney, and is probrobly barley covering the bandwidth. Imagine if everyone did this. It might mean the end of the free Internet. I have no problem blocking popups because they are annoying, but are the ad bars THAT annoying? Im not trying to preach, I just want to pointout some of the consequenses of this. |
It not an unpopular opinion. It is a subversive statement from someone that has something to win from it. It is also not just about the ads which by being removed or blocked also improve the browser, page and computer performance not to mention the huge security benefit that comes with it. How about cookies? first and 3rd part cookies and the crap that they plant on our computer from a location we don't want to access or have no clue we are downloading from ?
How about java apps that self execute or try to? Are we forgetting spyware? Adware and all the rest of *wares out there we don't want ?
If using a hosts file is a bad idea why is it that any decent firewall and or anti-virus out there supply similar functionality and where is the difference because there is one. HOSTs file is free and the other options not really. Is free internet going to end because of proprietary software that blocks ads ?
Lets point all the consequences of blocking sites of this nature with this method versus what we can lose and then weight things.
Claiming that this would end free internet is quite the social engineering mind egg plant to use other peoples lack of knowledge against themselves and making them believe that could actually happen while leading them to drop their protection measures.
Were we being bombed with ads 15 or 25 years ago when it was all very very very free and way more free than now ? Did the internet end back then ?
Whats the next claim ? Open free/source is going to end because there are no 3rd party ads supporting it ? It is the exact same thing.
When someone access IMDB which makes enough money to run and then splashes us with 3rd party ads on their site who pay IMDB to be allowed there; how is it any of this free ? (rhetorical question) _________________ Do you hear the sound of inevitability?
With age, comes great grumpiness and that, was 20 years ago...
CertFP: becbbd161d5a5c31de3c45171b77bf710911db29 / d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244 |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Sat Aug 03, 2013 3:25 pm Post subject: |
|
|
That's a lot of questions for someone whose last post was 7 years ago and last posted in this topic a decade ago...
Anyway, this is how I do it using BIND; there's no long timeouts because the DNS server says "no" right away:
/etc/bind/named.conf: | [...]
include "/etc/bind/adblock.conf";
[...] |
/etc/bind/adblock.conf: | [...]
zone "adrevolver.com" { type master; file "pri/empty.zone"; };
zone "adtech.de" { type master; file "pri/empty.zone"; };
zone "adtechus.com" { type master; file "pri/empty.zone"; };
zone "atdmt.com" { type master; file "pri/empty.zone"; };
[...] |
/etc/bind/pri/empty.zone: | $TTL 1W
@ IN SOA localhost. root.localhost. ( 1 28800 14400 604800 86400 )
@ IN NS localhost. |
|
|
Back to top |
|
|
djdunn l33t
Joined: 26 Dec 2004 Posts: 810
|
Posted: Sat Aug 03, 2013 8:34 pm Post subject: |
|
|
if blocking adverts is immoral, than not installing flash which effectively makes flash based adverts immoral too?
wikipedia doesnt show porn popups and popunders playing music and videos and begging that i go somewhere or porn adds wasting my bandwidth.
if one of the most popular sites on the internet can work without forcing noisy high bandwidth adverts including full video, immoral porn smut, seizure inducing blinking, and filling my screen with 4 popups every time i click on a link, than the future of the free internet is not in peril, but the future of crap internet sites might be. _________________ “Music is a moral law. It gives a soul to the Universe, wings to the mind, flight to the imagination, a charm to sadness, gaiety and life to everything. It is the essence of order, and leads to all that is good and just and beautiful.”
― Plato |
|
Back to top |
|
|
anbc n00b
Joined: 26 Jul 2013 Posts: 47
|
Posted: Mon Oct 07, 2013 9:06 am Post subject: |
|
|
I've decided to switch back to AdBlock in Firefox and remove these localhost blocks.
The hosts file block works well - no slowdown at all, but it's a pain to keep updated and is rather outdated in methodology!
Last edited by anbc on Wed Oct 09, 2013 4:29 pm; edited 2 times in total |
|
Back to top |
|
|
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Mon Oct 07, 2013 5:09 pm Post subject: |
|
|
this is not a sane solution, and should be locked..... your computer first checks hosts, runs through your 990000000 hosts then goes out to the internet. then, when it finds a bogus host, it loads your web page on your local computer! adblock plus was much easier. |
|
Back to top |
|
|
188562 Apprentice
Joined: 22 Jun 2008 Posts: 186
|
|
Back to top |
|
|
_______0 Guru
Joined: 15 Oct 2012 Posts: 521
|
Posted: Wed Oct 30, 2013 1:36 am Post subject: |
|
|
what about instructions on how to glue all together??
By the way 0.0.0.0 instead of 127.0.0.1 works too. Apparently using 0.0.0.0 doesn't kill performance. |
|
Back to top |
|
|
_______0 Guru
Joined: 15 Oct 2012 Posts: 521
|
Posted: Wed Oct 30, 2013 1:38 am Post subject: |
|
|
Ant P. wrote: | That's a lot of questions for someone whose last post was 7 years ago and last posted in this topic a decade ago...
Anyway, this is how I do it using BIND; there's no long timeouts because the DNS server says "no" right away:
/etc/bind/named.conf: | [...]
include "/etc/bind/adblock.conf";
[...] |
/etc/bind/adblock.conf: | [...]
zone "adrevolver.com" { type master; file "pri/empty.zone"; };
zone "adtech.de" { type master; file "pri/empty.zone"; };
zone "adtechus.com" { type master; file "pri/empty.zone"; };
zone "atdmt.com" { type master; file "pri/empty.zone"; };
[...] |
/etc/bind/pri/empty.zone: | $TTL 1W
@ IN SOA localhost. root.localhost. ( 1 28800 14400 604800 86400 )
@ IN NS localhost. |
|
Is that all?
emerge bind
make your changes.
start bind service
that simple? |
|
Back to top |
|
|
188562 Apprentice
Joined: 22 Jun 2008 Posts: 186
|
|
Back to top |
|
|
|