Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


DNS Ad Blocking / Prevent your pc from connecting to selected internet hosts
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

DNS Ad Blocking / Prevent your pc from connecting to selected internet hosts

painfreepcpainfreepc Member
edited December 2013 in General

MaraDNS Ad Blocking - Recursive and/or Authoritative DNS

how to make the internet not suck (as much)

source statement: http://someonewhocares.org/hosts/

If You Would Like Your Own DNS Ad Blocking Server I Will Post Setup Tutorial,
Setup is very easy, works for windows and linux, you only need one config file.

Why use an ad blocking DNS

  • prevent your computer from connecting to selected internet hosts
  • the above alone will reduce bandwidth use
  • blocks certain pop-up traps
  • prevents user tracking by way of "web bugs" embedded in spam
  • provides partial protection to IE from certain web-based exploits
  • blocks most advertising you would otherwise be subjected to on the internet
  • blocks most of the bad stuff from calling home

No download or Install needed for your devices

Easy setup on home or off PC or Run from lowend VPS

Go To http://adfreedns.tk/ To Get URL of my Public DNS Server

Credits for the hosts files:

This url block is the merging of 3 hosts files

http://someonewhocares.org/hosts/

http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts;showintro=0

blocks Mobile Ads Android Phones: http://adaway.sufficientlysecure.org/hosts.txt

more info https://github.com/dschuermann/ad-away/issues/113

«13

Comments

  • Could you make a tutorial on how to setup your own ad blocking dns server?

    Thanked by 1Steve81
  • @joodle said:
    Could you make a tutorial on how to setup your own ad blocking dns server?

    +1

  • xDragonZxDragonZ Member
    edited December 2013

    @joodle said:
    Could you make a tutorial on how to setup your own ad blocking dns server?

    +1, interested to know how to set it up

  • I'm currently experimenting with an ad blocking DNS server using Bind

    Works great so far, disabled adblock on chrome and it's not showing any ads at the moment :)

    Thanked by 1lukesUbuntu
  • lukesUbuntulukesUbuntu Member
    edited December 2013

    +1, going to create something for New Zealand/Aussie location nice thanks

  • rm_rm_ IPv6 Advocate, Veteran
    edited December 2013

    @painfreepc you seem to be a sleazy person with a signature full of affiliate codes, tell us why should anyone run all of their DNS queries through you? If you want this to be useful, post a HOWTO for people to set up the same filtering on their own server, don't expect anyone to just go and use yours.

  • i am testing a few things, when i am done i will post a HOWTO.

  • i removed the affiliate codes, only for a short time.

  • I think its really nice from you to provide public DNS servers
    but how can someone trust these? i mean..
    isnt it possible to make people that query Paypal.com using your DNS to Redirect them to a phising site (fake paypal site that you could've setup?)

  • Yes, and how do you trust google? Or your ISP? Or some random guy on the internet?

    As for paypal, if it is redirected to a fake site there should be a big warning in the browser that the SSL cert doesn't match.

    Thanked by 1Mark_R
  • painfreepcpainfreepc Member
    edited December 2013

    @Mark_R said:
    I think its really nice from you to provide public DNS servers
    but how can someone trust these? i mean..
    isnt it possible to make people that query Paypal.com using your DNS to Redirect them to a phising site (fake paypal site that you could've setup?)

    this is not permanent, i am just testing.

    i bet you would have no problem using an online proxy or vpn server, but my intentions is suspect.

    it's your job to verify that your browser is showing you the correct site.

    do you set static dns on your smart phone or laptops, if you don't then you have no ideal what dns server you are using when not at home, office or school.

    and why do we trust google? thank about it, every search you do is logged.

    Thanked by 1Mark_R
  • BlazeMuisBlazeMuis Member
    edited December 2013

    Got it working via router level, created 2 DNS servers (1 for failover/secondary) and no ads are showing on any computer including phones and tablets in our house :)

    Will be buying a Raspberry Pi for this soon

  • @rds100 said:
    Yes, and how do you trust google? Or your ISP? Or some random guy on the internet?

    As for paypal, if it is redirected to a fake site there should be a big warning in the browser that the SSL cert doesn't match.

    Worked around by redirecting it to a fake PayPal on HTTP and not HTTPS.

  • @joodle said:
    Got it working via router level, created 2 DNS servers (1 for failover/secondary) and no ads are showing on any computer including phones and tablets in our house :)

    Will be buying a Raspberry Pi for this soon

    Possible for a quick show-how? :)

  • @iKeyZ said:
    Possible for a quick show-how? :)

    Maybe, I'm waiting till @painfreepc throws a tutorial online. If he does not make a tut i will do it

    Thanked by 2iKeyZ ecircuit
  • @joodle said:
    Maybe, I'm waiting till painfreepc throws a tutorial online. If he does not make a tut i will do it

    Thanks!

  • NeoonNeoon Community Contributor, Veteran
    edited December 2013



    To block some URL's but in German.

  • netomxnetomx Moderator, Veteran

    @rm_ said:
    painfreepc you seem to be a sleazy person with a signature full of affiliate codes, tell us why should anyone run all of their DNS queries through you? If you want this to be useful, post a HOWTO for people to set up the same filtering on their own server, don't expect anyone to just go and use yours.

    why are you ppl mad about affiliate links?

  • SilvengaSilvenga Member
    edited December 2013

    Although this DNS is a great idea, I wondering if some of the more aggressive anti-viruses (e.g. Norton, Bitdefender, ESET, MicroTrend, etc.) will consider the DNS to be spoofing look ups, or at least hijacked. This might present issues to the user. Even using the company's DNS on a internal network poses problems.

    @OkieDoke said:
    Worked around by redirecting it to a fake PayPal on HTTP and not HTTPS.

    This is impossible, PayPal mandates SSL as well as most websites (e.g. Google, Yahoo, Bing, every Java EE server, etc. ) If the user ever visited the site once, they should be safe.

  • VPNVPN Member
    edited December 2013

    @Silvenga said:
    This is impossible, PayPal mandates SSL as well as most websites (e.g. Google, Yahoo, Bing, every Java EE server, etc. ) If the user ever visited the site once, they should be safe.

    Not really. If i had a hosts file that redirected paypal.com to paypla.com (deliberate misspelling assuming one owned that domain name) then the visitor wouldn't know otherwise.

  • @OkieDoke said:
    Not really. If i had a hosts file that redirected paypal.com to paypla.com (deliberate misspelling assuming one owned that domain name) then the visitor wouldn't know otherwise.

    There has been measures made in the past score of years to prevent this:

    On re-connection to PayPal, the client will perform a hostname check (the DNS can spoof this), but also a certificate check. This check would fail as the spoofing server does not have the CA recognition and the private keys of PayPal. The browser, if configured correctly, should then warn the user of a possible spoof because their certificates would not match those from the last session.

    If the user proceeds through this warning, or if they use HTTP without checking for the level 3 certificate of PayPal, then Social Darwinism dictates that these users should not be on the Internet in the first place, or at least exchanging money.

  • @OkieDoke said:
    Not really. If i had a hosts file that redirected paypal.com to paypla.com (deliberate misspelling assuming one owned that domain name) then the visitor wouldn't know otherwise.

    Like the thread starter & rds100 stated after my post
    you have to confirm you are not being fooled and redirected to a phising site silently
    but people who usually never confirm anything and just DO will be falling for it.

    Thanked by 1painfreepc
  • painfreepcpainfreepc Member
    edited December 2013

    @joodle said:
    Maybe, I'm waiting till painfreepc throws a tutorial online. If he does not make a tut i will do it

    i you wish to do a tutorial no need to wait for me, if you are using bind9 i would like to try it, i will wait a week or two before i post my tutorial and i will place a link to your tutorial for bind.

    i am using MaraDNS on ubuntu 12.04, maradns is a Authoritative and/or Recursive DNS
    server.

    maradns is very lightweight, been running on a host1free vps (128MB Ram) for a month now,
    using for my local network and a few friends network, have not had a problem.

    to do recursive DNS you only need one config file and one zone file if you wish to connect to your local pc's by name,

    Thanked by 1Mark_R
  • @Silvenga said:
    If the user proceeds through this warning, or if they use HTTP without checking for the level 3 certificate of PayPal, then Social Darwinism dictates that these users should not be on the Internet in the first place, or at least exchanging money.

    I don't think you quite understand the basic example I gave of how easy it would be to do.

  • @OkieDoke said:
    I don't think you quite understand the basic example I gave of how easy it would be to do.

    What you are talking about was very easy to do years ago, but not now.

  • wait for guide.
    that maybe a great work.

  • It's not just you! http://adfreedns.tk looks down from here.

    :(

  • VPNVPN Member
    edited December 2013

    Perhaps the OP should sort their own DNS issues out before providing this service lol;

    http://www.dnsinspect.com/adfreedns.tk/1388424263

    They should look like this lol.

    http://www.dnsinspect.com/okiedoke.co.uk/1388424381

  • @OkieDoke said:
    Perhaps the OP should sort their own DNS issues out before providing this service lol;

    http://www.dnsinspect.com/adfreedns.tk/1388424263

    They should look like this lol.

    http://www.dnsinspect.com/okiedoke.co.uk/1388424381

    BAD EXAMPLE! FIX MX! O;

  • Tell that to Google. Silly morons use multiple hostnames for a single IP.

Sign In or Register to comment.