Am Fri, 18 Oct 2013 18:02:55 -0500 (CDT)
schrieb Eric Johnson <eri...@mathlab.gruver.net>:

> On Sat, 19 Oct 2013, Stefan Wollny wrote:
> 
> > Hi there,
> > 
> > having a personal dislike of Facebook (and the MeeToo-systems alike)
> > for their impertinent sniffing for private data I tried on my
> > laptop to block facebook.com via hosts-file. Interestingly this
> > failed: Calling "http://www.facebook.com"; always resulted in a
> > lookup for "httpS://www.facebook.com" and the respective site
> > showed up in the browser (tried firefox and xombrero).
> >
> > ...
> > 
> > Curious if there is a particular (Open)BSD solution or simply how
> > you 'guys and gals' would do it.
> > 
> > Thank you for sharing your thoughts.
> 
> One possibilty off the top of my head would be to log all DNS
> requests to syslog and then use syslogc to get a live running stream
> of DNS requests from a syslog memory buffer.  Then whenever you see a
> DNS request for anything to do with facebook, add the ip address of
> the requestor to a pf table and block their web browsing.  After
> about three to five minutes, remove the ip address from the table.
> 
> If every time they try to access facebook, their web browser quits
> working for a few minutes they might get the message.
> 
> Eric
> 

Hi Eric,

sounds pretty nifty to me - this is s.th. I might use at another
site next year. But for my home-network probably a little oversized
(though a good learning exercise :-) ).

Anyway: Thank you for sharing!

Regards,
STEFAN


Mit freundlichen Grüßen,

STEFAN WOLLNY

Regulatory Reporting Consultancy
Tel.: +49 (0) 177 655 7875
Fax.: +49 (0) 3212 655 7875
Mail: ste...@wollny.de
GnuPG-Key ID: 0x9C26F1D0

Reply via email to