Re: Block stupid/annoying sites
On Sun, Sep 05, 1999 at 01:45:57PM +0100, Frankie Fisher was heard to state: This thread has been going on for a few days, and noone seems to have said very much about junkbuster. I personally use JunkBuster (and have been for a long time), and I have a pretty good blocklist (which I have built up on top of a very comprehensive one I found on the net), which blocks most adds. I have one small probelm with it though. Every now and then, after browsing for a while, I'll get an Opperation in Progress error, and it will stop loading sites. When this happens, I have to switch back to my normal proxy if I want to keep browsing. Has anyone seen this before? It's using the stock JunkBuster from Slink. Cheers, damon -- Damon Muller ([EMAIL PROTECTED]) / It's not a sense of humor. * Criminologist / It's a sense of irony * Webmeister / disguised as one. * Linux Geek / - Bruce Sterling
Re: Block stupid/annoying sites
On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson wrote: Hello. I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. Anyone got an idea? This thread has been going on for a few days, and noone seems to have said very much about junkbuster. I use junkbuster at home to block adverts (with great success) for two reasons: 1) I am offended by the overly commercial nature of much of the web, when it is piggybacking off the work and time that others have put in for free. 2) It saves on download time. Basically any url specification (this can include eg ads.*.com, or any directory on a site called ads etc.) can be blocked, and optionally replaced with either a 1x1 transparent gif, or a gif that says junkbuster. It works very well for me. After having to add about 10 or 20 specifications to the blockfile (examples of which can be found on the web anyway) when I first installed it, I now do not see adverts on any of the sites I visit regularly, and a greatly reduced number on other sites as well. Junkbuster can also stop your web browser sending out your email address, and can block cookies in either direction. I recommend that everybody install junkbuster for privacy reasons, apart from anything else. frankie -- ,-. Frankie Fisher| Capitalism is the extraordinary belief that frankie @ | the nastiest of men, for the nastiest of skunkpussy.freeserve.co.uk | reasons, will somehow work for the benefit PGP Key available on request. | of us all. -- John Maynard Keynes `-' pgppzyFtXudUK.pgp Description: PGP signature
Re: Block stupid/annoying sites
On 05-Sep-99 Frankie Fisher wrote: This thread has been going on for a few days, and noone seems to have said very much about junkbuster. I started installing it last night. I more or less have it working, but the sample files don't have enough examples of acl list entries, for one thing, so it is trial and error. A weird thing happens now if I click the Netscape button (the one that takes me to Netscape's website). The browser will not stop but keeps jumping from one page to another. This does not happen with any other website, just Netscape's. -- Andrew
Re: Block stupid/annoying sites
On Sun, 5 Sep 1999, Pollywog wrote: On 05-Sep-99 Frankie Fisher wrote: This thread has been going on for a few days, and noone seems to have said very much about junkbuster. I started installing it last night. I more or less have it working, but the sample files don't have enough examples of acl list entries, for one thing, so it is trial and error. Read the junkbuster FAQ in /usr/doc/junkbuster, there is a link to altavista searching for blooklists. I got my blocklist from http://www.waldherr.org/blocklist (with about 1000 enties) Martin -- For public PGP-key: finger [EMAIL PROTECTED]
Re: Block stupid/annoying sites
On 05-Sep-99 Martin Fluch wrote: On Sun, 5 Sep 1999, Pollywog wrote: On 05-Sep-99 Frankie Fisher wrote: This thread has been going on for a few days, and noone seems to have said very much about junkbuster. I started installing it last night. I more or less have it working, but the sample files don't have enough examples of acl list entries, for one thing, so it is trial and error. Read the junkbuster FAQ in /usr/doc/junkbuster, there is a link to altavista searching for blooklists. I got my blocklist from http://www.waldherr.org/blocklist (with about 1000 enties) I did see that. I needed a better sample for the acl file. thanks -- Andrew
Re: Block stupid/annoying sites
On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson wrote: Hello. I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. Anyone got an idea? I would say put a bogus address for those sites in /etc/hosts. You can block packets for this address with something like 'route add 10.0.0.1 lo', I think, or block them at firewall level. -Lex pgp3cSfVrhBUH.pgp Description: PGP signature
Re: Block stupid/annoying sites
On Sat, Sep 04, 1999 at 02:36:57PM +0200, Lex Chive wrote: On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson wrote: Hello. I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. Anyone got an idea? I would say put a bogus address for those sites in /etc/hosts. You can block packets for this address with something like 'route add 10.0.0.1 lo', I think, or block them at firewall level. Well, that is one way... If you don't mind setting up squid you can use it with a redirecter (there are several out there; I found references to them using www.google.com and search words similar to squid redirector ad blocker). I think there are smaller proxies that are intended just for this purpose, so maybe squid is far beyond anything you might need. Basically, those programs change all references to any site on their list to a transparent gif, or a this ad blocked image.. :) Much nicer than mucking with /etc/hosts :) -- Seth Arnold | http://www.willamette.edu/~sarnold/ Hate spam? See http://maps.vix.com/rbl/ for help Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
Re: Block stupid/annoying sites
On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson was heard to state: I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. I know it's not a direct answer to your question, but I seem to recall having seen doing this exact thing using the IP tools. I'm not exactly sure, but I *think* it was in the IPChains HOWTO. The example was blocking a site (ad.doubleclick.net) with ipchains. HTH, damon -- Damon Muller ([EMAIL PROTECTED]) / It's not a sense of humor. * Criminologist / It's a sense of irony * Webmeister / disguised as one. * Linux Geek / - Bruce Sterling$
Re: Block stupid/annoying sites
On 02-Sep-99 [EMAIL PROTECTED] wrote: On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson was heard to state: I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. I know it's not a direct answer to your question, but I seem to recall having seen doing this exact thing using the IP tools. I'm not exactly sure, but I *think* it was in the IPChains HOWTO. The example was blocking a site (ad.doubleclick.net) with ipchains. I do it using ipchains, and I used the example given in the HOWTO. I think it might be better to use Squid for this because it seems to me that using an ipchains rule causes a DNS lookup to be performed on the IP addresses in your ipchains rules. Any comments from someone who knows about that? -- Andrew
Re: Block stupid/annoying sites oops!
XFMail reverted to a reply address that was wrong; I had tested spam filters with that address and when I changed it back, the change did not take. I think I fixed it now. Sorry about that. Had a spammer using a bigfoot.com address and I was testing filters. -- Andrew
Re: Block stupid/annoying sites
On Thu, 2 Sep 1999 [EMAIL PROTECTED] wrote: On Tue, Aug 31, 1999 at 10:26:28PM +0200, andreas palsson was heard to state: I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. I know it's not a direct answer to your question, but I seem to recall having seen doing this exact thing using the IP tools. I'm not exactly sure, but I *think* it was in the IPChains HOWTO. The example was blocking a site (ad.doubleclick.net) with ipchains. Read the IPCHAINS HOWTO. I think you can do something like: ipchains -A input -s ad.doubleclick.net -j DENY ipchains -A output -d ad.doubleclick.net -j DENY You probably want to tailor the above to meet your needs. This will block *any* kind of connection to/from that site, although DNS lookups will still work. Your browser will probably complain of timeout connecting to that site or something. I'm not quite sure about a cleaner solution. T
Re: Block stupid/annoying sites
On 03-Sep-99 Hwei Sheng TEOH wrote: Read the IPCHAINS HOWTO. I think you can do something like: ipchains -A input -s ad.doubleclick.net -j DENY ipchains -A output -d ad.doubleclick.net -j DENY You probably want to tailor the above to meet your needs. This will block *any* kind of connection to/from that site, although DNS lookups will still work. Your browser will probably complain of timeout connecting to that site or something. I'm not quite sure about a cleaner solution. That is why it might be better to use Squid and block these sites from there. -- Andrew - GnuPG Public KeyID: 0x48109681
Re: Block stupid/annoying sites
Read the IPCHAINS HOWTO. I think you can do something like: ipchains -A input -s ad.doubleclick.net -j DENY ipchains -A output -d ad.doubleclick.net -j DENY You probably want to tailor the above to meet your needs. This will block *any* kind of connection to/from that site, although DNS lookups will still work. Your browser will probably complain of timeout connecting to that site or something. I'm not quite sure about a cleaner solution. What about using REJECT instead of DENY? That way the browser should immediately be told that the destination (in this case ad.doubleclick.net) could not be reached. Someone correct me if I'm wrong on this. I'm just in the process of setting up my system using the IPCHAINS HOWTO, so I'm sure not an expert! Hope this helps, Patrick
Re: Block stupid/annoying sites
On 03-Sep-99 Patrick Olson wrote: Read the IPCHAINS HOWTO. I think you can do something like: ipchains -A input -s ad.doubleclick.net -j DENY ipchains -A output -d ad.doubleclick.net -j DENY You probably want to tailor the above to meet your needs. This will block *any* kind of connection to/from that site, although DNS lookups will still work. Your browser will probably complain of timeout connecting to that site or something. I'm not quite sure about a cleaner solution. What about using REJECT instead of DENY? That way the browser should immediately be told that the destination (in this case ad.doubleclick.net) could not be reached. I believe DENY would cause the browser to time out, but not right away. I only use DENY for spam hosts/nets so that the spammer wastes more time. -- Andrew
Re: Block stupid/annoying sites
What about using REJECT instead of DENY? That way the browser should immediately be told that the destination (in this case ad.doubleclick.net) could not be reached. I believe DENY would cause the browser to time out, but not right away. I only use DENY for spam hosts/nets so that the spammer wastes more time. -- There is an additional difference. If someone runs a port scan against a machine, anything that is denied will get no response. It will be as if there is nothing there. If you are rejecting traffic, they will be able to tell that there is something there that they are not allowed to access. They can simply adjust their activity from a different location to see if they can gain access to the rejected service. -- E-Mail: George Bonser [EMAIL PROTECTED] Date: 02-Sep-99 Time: 22:50:57 This message was sent by XFMail --
Re: Block stupid/annoying sites
On Thu, Sep 02, 1999 at 10:53:47PM -0700, George Bonser wrote: What about using REJECT instead of DENY? That way the browser should there is something there that they are not allowed to access. They can simply adjust their activity from a different location to see if they can gain access to the rejected service. Isn't it the other way round? I can remember that DENY means drop packet on the floor, while REJECT means to send back an ICMP packet saying: connection refused And when someone wants to connect to a port, on which nothing is listenning, he/she will get an ICMP reply connection refused - for example if you point your browser at a host without httpd running, you will get connection refused. But if there is a rule saying to DENY packets from you, you will have to wait for a timeout. correct me if i'm wrong just my 2c Marcin -- - Marcin Owsiany [EMAIL PROTECTED] -
Re: Block stupid/annoying sites
On 03-Sep-99 George Bonser wrote: There is an additional difference. If someone runs a port scan against a machine, anything that is denied will get no response. It will be as if there is nothing there. If you are rejecting traffic, they will be able to tell that there is something there that they are not allowed to access. They can simply adjust their activity from a different location to see if they can gain access to the rejected service. That explains why PortSentry uses DENY and not REJECT when it blocks a port scan or other activity. :) -- Andrew
Re: Block stupid/annoying sites
On 03-Sep-99 Marcin Owsiany wrote: Isn't it the other way round? I can remember that DENY means drop packet on the floor, while REJECT means to send back an ICMP packet saying: connection refused And when someone wants to connect to a port, on which nothing is listenning, he/she will get an ICMP reply connection refused - for example if you point your browser at a host without httpd running, you will get connection refused. But if there is a rule saying to DENY packets from you, you will have to wait for a timeout. correct me if i'm wrong I believe this is exactly what George was saying. -- Andrew
Block stupid/annoying sites
Hello. I am using Debian GNU/Linux as a nameserver, and I wonder how do I modify it to reject all lookups for stupid sites like ad.doubleclick.net or any other annoying banner-site? I've been told to use something called junkbuster but I rather not run anything extra on the host, I simply would like to change something in the bind-configuration. Anyone got an idea? Regards... -- == andreas pÄlsson == [EMAIL PROTECTED] ==