[geeks] filtering out web base trojan?
Sheldon T. Hall
shel at artell.net
Sun Mar 16 12:31:22 CDT 2008
The Kama Sutra of Sridhar Ayengar reads thusly ...
> Sheldon T. Hall wrote:
> >
> > I really miss running my own DNS server; it was easy to
> > block a large
> > percentage of advertising sites outright, by getting the
> > list from YoYo
> > (http://pgl.yoyo.org/adservers) and letting DNS point those
> > host names to
> > localhost. I added a list of known malware sites and other
> > bad actors, too,
> > of course. It wasn't foolproof, and it did require
> > maintenance, but I really liked the results.
>
> You can do the same thing with hosts files.
Yep, but doing it at the DNS server is easier if you have multiple machines,
which I did. Doing it on the UNIX-based DNS server made it easier to
automate the update process, too. I've always found that automating
Windows processes is a PITA.
Also, in the past, having a massive hosts file under Windows resulted in
abominable system performance. They may have fixed that, I dunno.
FWIW YoYo makes their AdServers file available in multiple formats, includng
hosts file format, BIND, etc.
-Shel
More information about the geeks
mailing list