[ previous ] [ next ] [ threads ]
 
 From:  "Chris Bagnall" <m0n0wall at minotaur dot cc>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] block domains providing spywares in m0n0wall
 Date:  Wed, 3 Nov 2004 13:56:15 -0000
> theres a spywarelist file thats available at spywareguide.com 
> i want to block those domains listed in that file using 
> m0n0wall how can i do that?

I would really suggest adding an extra machine running something like Squid
if at all possible. The problem with blocking domains/IPs from the router is
that the browser will return a 404 for that page, which may be undesirable
if it's only blocking, say, a few images on a given page (makes the page
look unsightly if it's got 404 errors in various spots on it).

With a separate proxy:
1) you're reducing the amount of work your m0n0 box has to do, especially
important if it's a low-spec box
2) with a dedicated proxy you can redirect blocked connections to something
less intrusive, such as a 1-pixel transparent image called "killed.gif" ;-)
This will make webpages with some blocked content still readable.
3) it's easier to upgrade the list as required, especially if you define it
as a Squid ACL (access control list) in a separate file. Then you can simply
replace the file as updated versions of the list become available.

Regards,

Chris
-- 
C.M. Bagnall, Partner, Minotaur
Tel: (07010) 710715   Mobile: (07811) 332969   ICQ: 13350579
AIM: MinotaurUK   MSN: minotauruk at hotmail dot com   Y!: Minotaur_Chris
This email is made from 100% recycled electrons