Jump to content

Blocking TLDs


Go to solution Solved by Schulte,

Recommended Posts

Posted

Google recently started selling .zip and .mov TLDs and I don't want to bother with blacklists or ad blockers to block those domains.

I'm currently using Kaspersky Plus and I tried adding "*.zip" and "*.mov" rules in Safe Browsing but it doesn't seem to work properly. Is there a way to add something like a DNS entry to completely block those TLDs be it web traffic or not?

Posted

Thank you @nexon but I'm looking for a way to completly block specific TLDs. Not all of my relatives are tech savy and I don't want to take any risks with them. No self-respecting company would touch those TLDs with a ten foot stick anyway so it's best to just block it completely.

I tried the Hosts file but it doesn't support wildcards so it would be really great if there is a way to block them from Kaspersky interface without installing something else.

  • Solution
Posted

Hello @whygoogle,

after your question I also started a test.

The only way I see at the moment is through the module 'Anti-Banner'.
For my test I have entered all 'de' domains under 'Settings->Privacy settings->Anti-Banner->Blocked Banners'. URL: '*.de*'
 

Spoiler

image.thumb.png.9dc66e1c89844421ff7d96e86005f9a3.png

Spoiler

image.thumb.png.fa1e2458180a61640530df613c0a2676.png

The result is that I only get an empty window after calling it (Script Injection is disabled on this machine).
The report shows the following after three attempts:
 

Spoiler

image.thumb.png.f26c4f524fd2cc3d196e6d18e0d50a79.png

Maybe it is not the solution you are looking for, but certainly worth a try.
You surely have the possibility and own ideas to start tests.

I suspect the ill-fated TLDs will be treated/blocked similarly or the same.

  • Like 4
Posted

Thank you very much @Schulte . That seems to be the best way to do it without installing a DNS server and configuring it etc.

  • Like 1
Posted

Hello @whygoogle,

if you dare to try, it would be nice if you report back to us.

It would be quite possible to get unexpected results.
What happens if you want to order a replacement zipper for the jacket or movie tickets, for example?

  • Like 1
Posted
15 hours ago, Schulte said:

Hello @whygoogle,

if you dare to try, it would be nice if you report back to us.

It would be quite possible to get unexpected results.
What happens if you want to order a replacement zipper for the jacket or movie tickets, for example?

I've tried a few more options after I marked it solved but there doesn't seem to be a way to do it the way I want using Kaspersky. Using the Anti-Banner seems to be hit or miss, sometimes it completely blocks the page and sometimes it only blocks a few things like CSS and JS files (and it doesn't work at all with redirects).

I don't have a Raspberry Pi or something similar to act as a DNS server for my router right now so I just installed DNS proxies on my machines and set it to block *.zip and *.mov domains and it works perfectly.

Spoiler

l0OEA3U.png

That domain in the screenshot is used for protesting against such TLDs, but if it's against the rules I can reupload a blurred version.

If anyone wants to replicate what I did, I used Acrylic DNS Proxy on Windows machines and dnsmasq on Linux. Former is an open-source software and latter is available on pretty much every distro. There are not many alternatives for Windows but any software that works as a "DNS proxy" will do the same thing and they are much easier to set up than full blown DNS servers

For the Anti-Banner, " *.zip/* " and " *.mov/* " rules seems to work best, that also prevents URLs like a1.zippo.example.com/xyz/abc.html and example.com/test.zip/index.html from getting blocked.

 

 

  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...