Using DNS to block entire domains for entire LAN
Posted: Wed Mar 27, 2013 2:00 pm
When I discovered amahi and its DNS network solution, I was ecstatic. I have been wanting to streamline my DNS into 1 interface to use for my entire network for ages. Along the way I've tried some limited stopgap approaches like:
1. hosts file on each device : VERY ineffective. Not only are you limited to one device and then have to set up some kind of rigged up script file to propagate that file to your other devices (some don't even use a hosts file like idevices). But worse than that this file has no ability to truly block subdomains. So if I block http://www.doubleclick.net and doubleclick.net on computerA, if I receive an ad that comes in as ad1.doubleclick.net, the hosts file passes this through because I didn't include ad1 in my file. This method completely sucks and is no good.
2. changed my DNS name servers to opendns.org : mostly ineffective. The only difference this made for me was that I can get some nice DNS reports at their website and the phish scam blockage is nice too I guess. But as far as truly blocking entire domains from my LAN it's limited. You are offered a limited number of domains you can block. But some domains (such as yahoo.com or yahoodns.com) don't work because they have a contract with opendns apparently.
3. Browser approaches like adblock plug-in and others : mostly ineffective. Again we are only working with 1 browser within 1 device... hardly the streamlined approach I am shooting for. This isn't even worth discussing because 1 browser on 1 device isn't going to cut it. I want to block any domain I want and have that work along my entire LAN network. Next.
4. using my router : okay results. This is clunky and doesn't really seem as robust as I would like. I don't have a top-line router; it's okay but mostly average (TL Link 1043nd). Plus this method doesn't have anything to do with the DNS server, I think it just supposedly "blocks" the domain. I haven't had too much luck figuring this out.
Bottom line: I just want to be able to tell the DNS server a domain (such as yahoo.com or amazon.com - if I wanted to, it's up to me) and have it block the domain and all its nasty children from ever appearing on my internal network ever again. This doesn't seem like a very complicated thing yet I see no solution for it anywhere in any capacity anywhere on the internet.
Can we accomplish this with amahi dns or what?
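The gap described in item 1 above, as an added example that is not part of the original post: a hosts file matches exact names only, while a domain-level block matches a name and every parent domain, label by label. The function names and the sample hosts text and blocklist are constructed for illustration.

```python
# Added example: constructed data, hypothetical helper names.

HOSTS_TEXT = """\
# constructed sample hosts file
0.0.0.0 www.doubleclick.net doubleclick.net
"""

BLOCKED_ZONES = {"doubleclick.net"}  # constructed domain-level blocklist


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def parse_hosts(text):
    """Return the set of names listed in hosts-file text."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        # fields[0] is the address; everything after it is a name
        names.update(normalize(n) for n in fields[1:])
    return names


def hosts_blocks(query, hosts_names):
    """hosts-file semantics: exact name match only."""
    return normalize(query) in hosts_names


def zone_blocks(query, zones):
    """Domain-level semantics: the name or any parent domain is listed."""
    labels = normalize(query).split(".")
    # Compare whole labels so 'notdoubleclick.net' does not match.
    return any(".".join(labels[i:]) in zones for i in range(len(labels)))


def compare(queries):
    """Map each query to (blocked by hosts file, blocked at domain level)."""
    hosts_names = parse_hosts(HOSTS_TEXT)
    return {q: (hosts_blocks(q, hosts_names), zone_blocks(q, BLOCKED_ZONES))
            for q in queries}


if __name__ == "__main__":
    for q, (h, z) in compare(["doubleclick.net", "ad1.doubleclick.net",
                              "AD1.DoubleClick.net.", "notdoubleclick.net"]).items():
        print(f"{q:24} hosts={h!s:5} domain-level={z}")
```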