Prev Previous Post   Next Post Next
  #21  
Old 19th March 2010, 04:03
Elixa Elixa is offline
Junior Member
 
Join Date: Mar 2008
Posts: 6
Thanks: 0
Thanked 3 Times in 3 Posts
Wink How to selectively stop a DNS request from being made … with Windows and / or IPCOP.

How to break / block PowerDVD v6, Internet Download Manager (IDM), Windows, IPCOP & IPCOP addons / plug-ins, from looking for updates and / or whatever else they might be doing behind your back.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Both Windows & IPCOP have a similar way to hardwire break a DNS lookup …

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The “Windows hosts file” can be found in the folder …

C:\WINDOWS\system32\drivers\etc … hosts

Usually used to redirect DNS requests this file can also be used to hardwire break a connection request by directing the request to the loopback address instead …ie 127.0.0.1

Below is a simple set of addresses that I use in the “hosts” file ... which insures that these requests never make it out (into the www) … because despite having blocked the application via some personal internal firewall … the request / lookups were still being made … until now. (Modifications require a reboot to take effect). Use most any basic Windows text editor to modify the file.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

################################################## (start of example)
##################################################

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

##################################################
###### Microsoft - ET Phone Home

127.0.0.1 crl.microsoft.com

##################################################
###### PowerDVD v6 - ET Phone Home

127.0.0.1 liveupdate.gocyberlink.com

127.0.0.1 detect.gocyberlink.com

##################################################
###### Microsoft - ET Phone Home (MS & Adobe both use crl.verisign.com)

127.0.0.1 crl.verisign.com

127.0.0.1 csc3-2004-crl.verisign.com

##################################################
###### Internet Download Manager - update

127.0.0.1 www.internetdownloadmanager.com

127.0.0.1 internetdownloadmanager.com

127.0.0.1 registeridm.com

##################################################
################################################## (end of example)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IPCOP has a similar app / tool / method that accomplishes the same thing … built in … via “dnsmasq” … but the default IPCOP install gives no configuration file for it to follow. Should IPCOP be directed to use / implement “dnsmasq” … its configuration file would be located in …

/etc … dnsmasq.conf

In order to make use of the built-into-IPCOP “dnsmasq” utiltily … all you have to do is make a “dnsmasq.conf” file & place it in the folder “/etc” … using similar syntax within the file as shown in the example below.

Every time IPCOP starts up it called out for updates & some of the plug-ins did so also upon viewing them via the IPCOP gui … so with the use of another upstream IPCOP the following list (below) was harvested / compiled. (DNS requests can also be viewed within the IPCOP gui … via “Logs/System” … then change “Section:” to “DNS” … then click the “Update” button)

With a Linux text editor (Windows made files may error) … perhaps from your favorite SSH – sftp client, create the file in the IPCOP folder “/etc” … named “dnsmasq.conf” and add the following to it … (or download the file attached below and copy it to “/etc”)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

################################################## (start of example)
##################################################

################################################## #############################


################################################## #############################
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

# See ... /var/log/messages ... For debugging info.

# For debugging purposes, log each DNS query as it passes through dnsmasq.
log-queries

# Log lots of extra information about DHCP transactions.
# log-dhcp

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
################################################## #############################

# IPCop - Stop IPCop from looking for update.
address=/www.ipcop.org/127.0.0.1
# address=/sourceforge.net/127.0.0.1
# address=/vhost.sourceforge.net/127.0.0.1

# IPCop - Stop UrlFilter from looking for update.
address=/www.urlfilter.net/127.0.0.1

# IPCop - Geoip update.
address=/www.maxmind.com/127.0.0.1

# IPCop - Copfilter -- ET Phone Home
address=/www.copfilter.org/127.0.0.1
address=/www.copfilter.org/LATEST-VERSION/127.0.0.1

# IPCop - Advanced Proxy version check.
address=/www.advproxy.net/127.0.0.1
address=/www.advproxy.net/version/ipcop/latest/127.0.0.1

# IPCop - IPTables GUI - update check
address=/ipcop-addons.ath.cx/127.0.0.1

# Web - Redicecreations.com, map spyware from, NoZone, Inc. Chicago IL.
address=/maps.amung.us/127.0.0.1
address=/whos.amung.us/127.0.0.1

# Software - HP Printer Update
# address=/www.hp.com/127.0.0.1
# address=/www.hpgtm.nsatc.net/127.0.0.1

# Firefox & Addons
address=/addons.mozilla.org/127.0.0.1
address=/fxfeeds.mozilla.com/127.0.0.1
address=/www.firefoxdownload.com/127.0.0.1
address=/firefoxdownload.com/127.0.0.1

# Firefox (New v3.5.2)
# address=/sb-ssl.google.com/127.0.0.1
# address=/ocsp.thawte.com/127.0.0.1
# address=/ocsp.verisign.net/127.0.0.1
# address=/www.verisign.net/127.0.0.1
# address=/verisign.net/127.0.0.1
# address=/www.verisign.com/127.0.0.1
# address=/verisign.com/127.0.0.1
# address=/www.squidguard.org/127.0.0.1
# address=/squidguard.org/127.0.0.1
# address=/www.stopbadware.org/127.0.0.1
# address=/stopbadware.org/127.0.0.1

# Google - ET Phone Home
# address=/sb.google.com/127.0.0.1

# PowerDVD v6 - ET Phone Home
address=/liveupdate.gocyberlink.com/127.0.0.1
address=/detect.gocyberlink.com/127.0.0.1

# Macromedia -- ET Phone Home
address=/crl.verisign.com/127.0.0.1
address=/www.adobe.com/127.0.0.1
address=/www.macromedia.com/127.0.0.1
address=/adobe.omniture.112.2o7.net/127.0.0.1

# Alcohol 120% - ET Phone Home
address=/www.alcohol-soft.com/127.0.0.1
address=/vodka.alcohol-soft.com/127.0.0.1

# Internet Download Manager - update
address=/www.internetdownloadmanager.com/127.0.0.1
address=/registeridm.com/127.0.0.1

# Microsoft - ET Phone Home
address=/crl.microsoft.com/127.0.0.1

# Microsoft - ET Phone Home (MS & Adobe both use crl.verisign.com)
# address=/crl.verisign.com/127.0.0.1
address=/csc3-2004-crl.verisign.com/127.0.0.1

# Microsoft - ET Phone Home
address=/www.download.windowsupdate.com/127.0.0.1
address=/www.download.windowsupdate.nsatc.net/127.0.0.1
address=/mscom-wui.vo.llnwd.net/127.0.0.1

# Microsoft - Windowsmedia ET Phone Home
address=/autoupdate.windowsmedia.com/127.0.0.1
address=/codecs.microsoft.com/127.0.0.1

# Microsoft - Office ET Phone Home
# address=/www.office.microsoft.com/127.0.0.1
# address=/office.microsoft.com/127.0.0.1
# address=/www.support.microsoft.com/127.0.0.1
# address=/support.microsoft.com/127.0.0.1
# address=/www.support.microsoft.akadns.net/127.0.0.1
# address=/support.microsoft.akadns.net/127.0.0.1
# address=/www.microsoft.com/127.0.0.1
# address=/microsoft.com/127.0.0.1
# address=/www.js.microsoft.com/127.0.0.1
# address=/js.microsoft.com/127.0.0.1
# address=/www.i.microsoft.com.edgesuite.net/127.0.0.1
# address=/i.microsoft.com.edgesuite.net/127.0.0.1

# ZoneAlarm - ET Phone Home
address=/zonelabs.com/127.0.0.1
address=/cm2.zonelabs.com/127.0.0.1

# Filseclab - ET Phone Home
address=/filseclab.com/127.0.0.1
address=/messenger3.filseclab.com/127.0.0.1
address=/onlineres.148.hh82.com/127.0.0.1

# Gravatar - Tracking Avatar (Suspicious Behavior)
address=/gravatar.com/127.0.0.1
address=/www.gravatar.com/127.0.0.1
address=/en.gravatar.com/127.0.0.1
address=/www.en.gravatar.com/127.0.0.1

# CounterStrikeCZ - ET Phone Home
address=/207.173.177.11/127.0.0.1
address=/207.173.177.12/127.0.0.1
address=/11.177.173.207.in-addr.arpa/127.0.0.1
address=/12.177.173.207.in-addr.arpa/127.0.0.1
address=/steam1.steampowered.com/127.0.0.1
address=/www.steam1.steampowered.com/127.0.0.1
address=/steam2.steampowered.com/127.0.0.1
address=/www.steam2.steampowered.com/127.0.0.1
address=/hlmaster1.hlauth.net/127.0.0.1
address=/www.hlmaster1.hlauth.net/127.0.0.1
address=/half-life.east.won.net/127.0.0.1
address=/www.half-life.east.won.net/127.0.0.1

##################################################
################################################## (end of example)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Add / Remove / Modify the list to match your personal needs. Placing a “#” at the beginning of any line, disables the command.

Such as Windows … Modifications to IPCOP’s “dnsmasq.conf” file require a reboot to take effect.

Now that these blocks are in place … these listed DNS requests return INSTANT FAILURE.

This is by far much more of a block then if it were done with a plug-in such as “UrlFilter” … because, absolutely nothing gets out!!!

-
Attached Files
File Type: zip dnsmasq.zip (1.3 KB, 192 views)
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 23:26.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.