Do you block certain domains?

Discussion in 'polls' started by wat0114, Dec 8, 2013.

?

Do you block certain domains?

  1. No

    34 vote(s)
    68.0%
  2. Yes, by whitelisting in the browser

    3 vote(s)
    6.0%
  3. Yes, by blacklisting in the browser

    4 vote(s)
    8.0%
  4. Yes, by whitelisting using other method

    1 vote(s)
    2.0%
  5. Yes, by blacklisting using other method

    8 vote(s)
    16.0%
  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Such as .ru, .info, .vn, etc...and if so, how?
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I'm not being targeted, so why should I block legitimate sites along with malware sites? The Internet is global guys, it's not as if you're going to be infected visiting .ru sites without social engineering.
     
  3. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    On the web I do not block any. There is no point in blocking entire domains on the web, as not every website from a risky area is infected nor every user a malware author/hacker. There is only one exception that I previously had when my torrent client was in use. That was a block list for China, as there are still a large amount of botnets and spammers flooding torrent connections. Whether that does any good is still hotly debated. I have found very few instances where I needed to connect to domains such as .info, so I don't really concern myself with it.
     
  4. guest

    guest Guest

    For blacklisting blocks I let Google and Norton DNS do that for me. Then I only allowed cookies and javascript in .com, .net, and .org, and allowed plugins only in .com. Unless you meant something else?
     
  5. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    No not really. I probably could have formulated better/more poll questions, though :) mostly I'm just curious if there are a significant number of people blocking certain domains.
     
  6. Balthazar

    Balthazar Registered Member

    Joined:
    Nov 8, 2013
    Posts:
    137
    Location:
    Earth
    Yep, me neither. I visit .ru sites quite regularly. Can't say the same for .vn but I don't block any domain in general. Eset sometimes blocks a website but with noscript only turned off on whitelisted sites (+ sandboxie) I didn't have trouble with malware for quite a long time.
     
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Just to be clear, I only used .ru and the others as examples, as opposed to singling them out.
     
  8. guest

    guest Guest

    I don't think there are many people bothered to maintain domain blacklists. It should be the job of web filtering services.
     
  9. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    No.

    -rich
     
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    No, I really don't see a need.
     
  11. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,087
    Domain specific allow/deny rules can be used for various client-side purposes such as:

    - Blocking communications with malware serving domains
    - Blocking communications with advertising networks, analytics servers, etc
    - Blocking communications with domains associated with undesired phone-home activity
    - Blocking communications with domains that serve content that is inappropriate for the user's age
    - Controlling Javascript, cookies, Referrer, etc
    - Controlling whether HTTP, HTTPS, or both can be used
    - Controlling email and other types of messaging

    and they also can be used server side to restrict which clients are allowed to communicate, filter messages, etc. Even aggressive "deny all, allow few" type approaches are useful in some contexts. Such as when configuring a client for use by a child, configuring a browser profile and/or computer for sensitive (financial, whatever) use only, or configuring a server that you know should only be accessed by certain clients within a certain domain.

    Given that server host/domain names can change, client IP Address and rDNS can change, rDNS information can be out of date or forged, friendly looking host/domain names can map to threatening IP Addresses and systems, IP Addresses can be used instead of hostnames, systems can be multi-homed, the use of content delivery networks, etc there can be false positives and false negatives. In some cases IP Address range based blocking can help, but even that can be problematic too especially when it is static rather than dynamic.

    So although it is common to utilize domain specific blocking for one or more purposes, the specific context and objectives and limitations must be considered. There is nothing wrong with blocking entire TLDs and/or country IP Address ranges if the communications that will block are not needed or desired. You'd want to be pretty sure about that though, since such blocks are broad. Especially if (some of) the blocking will be silent.
     
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I misread the poll and voted the last option. I don't block specific countries. I do block specific sites, corporations, and IP ranges, examples: known adservers, Facebook, Twitter, and with one exception (that I'm reconsidering) Google. I block specific IP addresses and ranges with the firewall using its custom address group feature. I use Proxomitron to block sites by name. Its blockfiles accept wildcards for domains, subdomains, etc.
     
  13. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    What is your definition of domains?

    For example, https://www.wilderssecurity.com/ is a domain.

    The Poll is for domains, such as my above example. But your above description in this post is for Internet top-level domain.

    Best regards,

    Mohamed
     
  14. aladdin

    aladdin Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    2,986
    Location:
    Oman
    One of the way to block domains is through Host file, which should be included in your Poll.

    This Host file is created in your Windows OS by Microsoft.

    Best regards,

    Mohamed
     
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    658
    Location:
    Italy
  16. Balthazar

    Balthazar Registered Member

    Joined:
    Nov 8, 2013
    Posts:
    137
    Location:
    Earth
    Yes, I didn't think otherwise. :)
     
  17. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Top level domains.

    So I just put "other" which could entail hosts files or another means not directly through the browser.
     
  18. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    No I don't :)
     
  19. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    261
    Location:
    USA
    I use the Malware Domains list for Adblock plus a Hosts file to blacklist known bad sites.
     
  20. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Nope, I don't find it necessary....yet :)
     
  21. guest

    guest Guest

    Javascript and cookie whitelisting gives a good side effect for me. With that, access to adf.ly is literally blocked. I hate it when I was being redirected to one of those.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    With so many security-conscious members in these forums, I'm surprised there aren't more people blocking notoriously dangerous tld's by default and whitelisting only the sites they want. This at least has the beneficial effect of reducing the attack surface, as has been pointed out by Windows_Security
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    No need for it. It wouldn't really fit in well with my setup. I do, however, use HTTPSB but that's less about security and more that I prefer to surf that way.
     
  24. Pinga

    Pinga Registered Member

    Joined:
    Aug 31, 2006
    Posts:
    1,420
    Location:
    Europe
  25. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,242
    No I don't see the need personally to block any top level domains. As for blocking specific websites I have not done that for years, and stay well away from any website blocking software, for the simple reason that sometimes I want to visit websites that are included in blocklists.
     
Loading...