I fix the doubleclick.* / valueclick.com / focalink.com / fxweb.com / etc
ad services at my sites by making the local DNS authoritative for those
domains. The sites never get hit once they refer to your local machines.
Not the prettiest way to solve the problem, as sometimes poorly coded web
pages will spew the now-broken links on top of valid text. I find that if
you redirect the 'evil' sites to a local web server, the resulting effect
(Not Found error) is better than diverting it to say, an NT file server.
Jon
>Since this is all outbound TCP/80 traffic, it burns right though most
>firewalls. If you try and block all HTTP to DoubleClick, many browsers
>choke and kick an error back to the user. The only real effective means
>of killing this traffic is to proxy through JunkBusters or a honeypot
>similar to my setup (detailed in my 12/19 post).
-----------------------------------------------------------------
Jon Earle (613) 612-0946 (Cell)
HUB Computer Consulting Inc. (613) 830-1499 (Office)
http://www.hubcc.ca 1-888-353-7272 (Within Canada/US)
"God does not subtract from one's alloted time on Earth,
those hours spent flying." --Unknown
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
