LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Get rid of advertisement and stats ips ? (https://www.linuxquestions.org/questions/linux-networking-3/get-rid-of-advertisement-and-stats-ips-662972/)

linuxcbon 08-15-2008 07:49 AM

Get rid of advertisement and stats ips ?
 
Hi,

when opening www.gmx.net and typing netstat -epaoFc | grep seamonkey, these got called :
img.web.de
img.ui-portal.de
js.ui-portal.de
213.248.125.73
216.34.207.71
217.72.195.157
217.72.200.153
etc.
(seems random)

The only real ip for www.gmx.net is 217.72.204.254 (found with ping), the rest is for advertisements and statistics...

I use hosts files and I enter ips manually by looking at netstat.

There is a way to allow or block a range of ips, like :
iptables -I INPUT -m iprange --src-range 80.230.0.0-80.255.0.0 -j DROP

Do you have other tips and tricks ?
/etc/hosts.deny ?

Cheers

jomen 08-15-2008 08:21 AM

Quote:

Do you have other tips and tricks ?
...for achieving what?

I use the NoScript and the Adblock Plus extensions for firefox and all is fine for me.

linuxcbon 08-15-2008 08:44 AM

I dont use firefox.

jomen 08-15-2008 09:26 AM

so you said...
Quote:

when opening www.gmx.net and typing netstat -epaoFc | grep seamonkey,
Those extensions are available for seamonkey too.

What you didn't say: to achieve what?
[edit] ...I know - its in the threads title...

linuxcbon 08-15-2008 09:40 AM

I don't want to use extensions or other programs.
I will use /etc/hosts

By the way : do you know range of ips I should ban ?
Like dangerous ips, spamming ips etc ?

jiml8 08-15-2008 09:44 AM

Well, then, you have sort of limited what "tricks and tips" other people can give you.

linuxcbon 08-15-2008 09:46 AM

Feel free to give tips.
I feel free to use what I like.

What about banning a range of ips ?

jomen 08-15-2008 09:49 AM

Indeed - there is no such thing as spamming IP's or dangerous IP's - and if they are (dangerous,spamming...) today - they may not be tomorrow.
It is a never ending and tedious work not to use such extensions to the browser and still get the same result.

/tips

linuxcbon 08-15-2008 10:18 AM

How often do they change ?

I noticed these come often for ads :
193.93.124. TELEFUN
207.36. affinity.com
212.129.63. TELEFUN
213.248.125. Akamai
80.231.197. Verisign
etc.

XavierP 08-15-2008 02:33 PM

In /etc/hosts make those addresses point to 127.0.0.1 as in the examples shown here: http://www.mvps.org/winhelp2002/hosts.htm

Of course, this will be a labour of love as you'll have to do it manually every time you find one.

farslayer 08-15-2008 03:39 PM

malware block lists..

* Dshield.org recommended block list (http://feeds.dshield.org/block.txt)
* EmergingThreats rules (many contain IP addresses): (http://www.emergingthreats.net/rules/)
* EmergingThreats RBN IP (http://doc.emergingthreats.net/pub/M...NetworkIPs.txt)
* Spamhaus Drop List (http://www.spamhaus.org/drop/drop.lasso)


http://www.adsblacklist.com/

Quite a few of the content filtering systems can block ad sites, for a minor subscription fee.
Easier for me to pay them for automatic updates than to try and maintain it myself.


You have Verisign in your list.. Verisign was not an advertising site last time I checked. they are a SSL Certificate provider

linuxcbon 08-15-2008 04:32 PM

For instance I blocked 80.231.197.203 (verisign), is it a stats server ?

XavierP 08-15-2008 05:25 PM

http://www.verisign.com/verisign-inc/index.html - I can't believe you haven't heard of the security certificate provider Verisign.

linuxcbon 08-15-2008 06:10 PM

If I open www.myspace.com then 80.231.197.203 among others is called.

jomen 08-15-2008 06:36 PM

...so?
Why shouldn't verisign get called?
BTW:
I does not get called for me - which shows that you can - by going this way - very proably easily lock out legitimate sites and create problems instead of solving...what exactly? (never mind - don't answer that)


All times are GMT -5. The time now is 06:25 AM.