No Ad DNS Project?

[Mun]

At my work as of late I have been nulling Ad networks via DNS, and I was thinking of setting up one for everyone and I wanted to know your thoughts, concerns etc.

Basically I will take doubleclick.net and point is at 127.0.0.1 and other networks as well. 

Other possibilities is to null bad/spam/virus infected networks.

Thanks for feedback if any.

 

[Pmadd]

It's a neat idea, I won't mind seeing you impliment it, but as always there may be abuse (I'm not sure if/how you can abuse dns... As I'm still trying to figure it out.)

 

[NodeBytes]

That sounds really cool!

Also, if you want to add any servers to the cluster let me know.

 

[Mun]

Thanks for the feed back, we might add some mirrors, but lets first get it off the ground.

 

[D. Strout]

Basically I will take doubleclick.net and point is at 127.0.0.1 and other networks as well.

Where would you get your list of networks to redirect? And what would you redirect them to? Then there's the issue of trust - you could take Bankofamerica.com and point it somewhere nasty. Not that I'm saying you would, but it's something one has to consider.

 

[Mun]

Where would you get your list of networks to redirect? And what would you redirect them to? Then there's the issue of trust - you could take Bankofamerica.com and point it somewhere nasty. Not that I'm saying you would, but it's something one has to consider.

Correct, and that is always a point of contention that can happen. I mean google could as well. (theoretically)

The best way for that to not happen is to be open, to show problems, and three to setup a compare Web App.

(I would love to have vigil people and call me out if I did something that "Stupid")

 

[NodeBytes]

Keep a list of all the active bind records on a website possibly? Just throwing out ideas.

 

[drmike]

I do exactly this for various projects, clients, etc.

Maintaining the lists and blocks is a problem and "false" positives.

Lots of unsavory companies are mixing real legitimate services with things that should be blocked on the same domain.   Google for instance comes to mind

There's a niche for this sort of thing certainly.

 

[acd]

A quick google search says someone already does this...


http://pgl.yoyo.org/as/

 

[Mun]

A quick google search says someone already does this...

http://pgl.yoyo.org/as/

That is the host file and not a DNS server. A host file is great, but I think a Dns server might be better in certain cases

I do exactly this for various projects, clients, etc.

Maintaining the lists and blocks is a problem and "false" positives.

Lots of unsavory companies are mixing real legitimate services with things that should be blocked on the same domain.   Google for instance comes to mind

There's a niche for this sort of thing certainly.

yeah.... I know :\

Keep a list of all the active bind records on a website possibly? Just throwing out ideas.

We will. 

So all in all I have a few people liking it?

.

 

[drmike]

Sure, I like the idea and should be generally easy enough to do.

In addition to blocking ad networks, I highly advise the different but associated stuff like Google Analytics being blocked too.

My approach has been to inspect slow loading pages I frequent and pull apart the many requests and identify what things are.  Anything monitoring, behavioral, or related, I ban.

 

[NodeBytes]

Just make sure not to block any cdns that carry the css.

 

[acd]

Edit: I determined this post does not add value to this thread and have blanked its contents. Instead, I suggest writing a script that converts hosts files to nameserver format for loading.

 

[Mun]

So the next question is are there other things we should try and implement as well?

 

[NodeBytes]

@acd - those already exist.

 

[Mun]

Indeed there is already host files out there, but I don't really wish to fully use them as I don't know the context of the block.

 

[titanicsaled]

Great idea! You could use to block access to suspected nasty sites as well

Although forwarding to 127.0.0.1 could cause problems for people running their own webserver.

 

[Mun]

Great idea! You could use to block access to suspected nasty sites as well

Although forwarding to 127.0.0.1 could cause problems for people running their own webserver.

Yes, I was planning on doing nasty sites

Yeahh..... I wonder if there is a better address? 127.0.0.2?

 

[Chronic]

Doesn't OpenDNS do something similar?

 

[Mun]

Doesn't OpenDNS do something similar?

I think they "blacklist bad sites" but don't do anything with ads. However, I may be mistaken.