Return 127.0.0.1 for blocked domains

Not planned

Follow

anthony96922

July 27, 2013 23:39

There should be an option for the DNS to return 127.0.0.1 because i am using opendns to block tracking beacons. Would be a nice idea.

1

• 

  jedisct1 July 28, 2013 04:31

  Why not just install Ghostery? http://www.ghostery.com/

  0

  Comment actions Permalink
• 

  rotblitz July 28, 2013 11:46

  "Would be a nice idea."

  No, blocking ads and trackers with OpenDNS is a very bad idea, because it slows down your surfing experience. Best is to block such stuff locally, e.g. with Ghostery as jedisct1 said.

  If you don't want to see something, it is best to ignore it instead of producing additional internet traffic to not see it.  ;-)

  0

  Comment actions Permalink
• 

  anthony96922 July 29, 2013 04:46

  What i mean is instead of showing the block page in the place where the ad is it should be empty so website would load faster. There is no extra traffic because the request gets bounced back to the computer.

  0

  Comment actions Permalink
• 

  jedisct1 July 29, 2013 05:09

  It will still require a DNS round-trip. Which is why blocking domains locally remains more efficient.

  If you can't do it on a device (maybe because it's a phone or a tablet, not a computer), you can do it on your router, if it's running an open firmware.

  See http://www.linksysinfo.org/index.php?threads/script-clean-lean-and-mean-adblocking.68464/ for example - I'm running that one with great success.

  If you are running dnscrypt, please note that it has a plugin to locally block domains, keywords and IP addresses, even IPv6 addresses. Instead of returning a hijacked IP address, it returns a response with the REFUSED error code, which is way cleaner.

  Now, if the intent is still to use OpenDNS to block ads, and to minimize the payload size, a better suggestion would be to detect what kind of content the client is requesting, and return the smallest valid, empty element for this content type.

  The script for routers cited above can use a tool called pixelserv for this purpose. If the client requests an image, pixelserv serves the smallest possible 1x1 pixel transparent image. If the client requests a Flash object, it will return the smallest valid Flash object doing nothing, etc.

  This is actually pretty cool, because it tends to break less stuff than returning a fake IP, while still efficiently blocking ads and trackers.

  Maybe OpenDNS is already doing that for the block page. If not, that would be a good thing to suggest.

  Still, blocking things on your local device or your local network remains the best option.

  0

  Comment actions Permalink
• 

  anthony96922 July 29, 2013 17:28

  Well i am using dnsmasq on my computer. Then i just have my phones and iPods use that. Also i use it to block any tracking beacons.

  0

  Comment actions Permalink
• 

  cervezafria July 29, 2013 23:07

  Hostsman.

  0

  Comment actions Permalink
• 

  jedisct1 July 29, 2013 23:26

  If you are using a Unix-like system, or OSX, there are plenty of options, and they are easy to implement.

  For example:

  - Firewall the IPs you don't want to connect to.

  - Or use the firewall to redirect the IPs you are blocking to a local pixelserv server.

  - Use AdSuck: https://opensource.conformal.com/wiki/adsuck and make dnsmasq forward queries to it. Or it forward queries to dnsmasq. Both work.

  - Use dnscrypt-proxy: http://dnscrypt.org - Make dnsmasq forward the queries to it.

   

  0

  Comment actions Permalink
• 

  anthony96922 July 29, 2013 23:28

  I have a web server running on my computer and it returns empty content for every request.

  0

  Comment actions Permalink
• 

  jedisct1 July 29, 2013 23:30

  Cool, so any of the options above will work.

  Still, pixelserv is a better option than returning empty content. It returns empty content of the right type instead.

  0

  Comment actions Permalink

Post is closed for comments.