- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Facebook blacklisting
Posted on 2/21/21 at 8:48 am
Posted on 2/21/21 at 8:48 am
Just sharing something interesting;
That amount of attempts Facebook tries to exfiltrate data is *almost* surprising.
I ran across this facebook blacklist
a few days ago, It seemed like a good compliment to my blanket DENY *.facebook.com rule.
Basically, Facebook has not allowed on my home network...especially for my 13yo son... The preloaded app was on his Samsung phone, so I put the blacklist on the pi-hole DNS server that serves his devices to track the number of hits from his vlan.
There are literally thousands of DNS hits per day for web.facebook.com and many others on this blacklist all emanating from his phone.
I just find it interesting the lengths they go to steal data.
And Yes my son is well aware of 3 basic things;
#1 He knows what his Mom and I both do for a living (I have been an IT pro since '84 and his Mom since 95).
#2 ALL activity is monitored and recorded
#3 ALL devices are subject to inspection without notice and may/will be permanently taken/destroyed at will.
That amount of attempts Facebook tries to exfiltrate data is *almost* surprising.
I ran across this facebook blacklist
a few days ago, It seemed like a good compliment to my blanket DENY *.facebook.com rule.
Basically, Facebook has not allowed on my home network...especially for my 13yo son... The preloaded app was on his Samsung phone, so I put the blacklist on the pi-hole DNS server that serves his devices to track the number of hits from his vlan.
There are literally thousands of DNS hits per day for web.facebook.com and many others on this blacklist all emanating from his phone.
I just find it interesting the lengths they go to steal data.
And Yes my son is well aware of 3 basic things;
#1 He knows what his Mom and I both do for a living (I have been an IT pro since '84 and his Mom since 95).
#2 ALL activity is monitored and recorded
#3 ALL devices are subject to inspection without notice and may/will be permanently taken/destroyed at will.
3
Posted on 2/21/21 at 9:08 am to dakarx
Yep. I put a deny all facebook rule on my nextdns config.
I don't use Facebook and it's crazy what is still blocked.
I don't use Facebook and it's crazy what is still blocked.
Posted on 2/21/21 at 12:28 pm to dakarx
I wish I knew how to do that.
Posted on 2/21/21 at 1:38 pm to kengel2
quote:Get yourself a Raspberry Pi kit (with case, power adapter, etc), a microsd card, and follow the directions for installing pi-hole.
I wish I knew how to do that.
Pi-hole is a DNS server that you run inside your own network. A DNS server is a computer/program that converts a domain name into an IP address so that your computer knows where to find it. Usually your router is configured to use the DNS server provided by your ISP, but you can manually override the DNS server that you'd like to use. In the case of Pi-hole, you would tell your router to use your Pi-hole as your network's DNS server. After that, devices configured to get their IP address and DNS info from your router will use your Pi-hole for DNS. You can then blacklist whatever domains you want.
It can sound complicated, but if you just follow the instructions you should be able to get it up and running.
Posted on 2/21/21 at 1:38 pm to kengel2
quote:
I wish I knew how to do that.
Edit your windows/etc/host file with all of the IP addresses in that link.
Posted on 2/21/21 at 2:05 pm to dakarx
I tried running OpenDNS by setting up an account and replacing the dns in my router but charter uses some kind of dns frickery that needs their servers to operate properly.
Are you saying I can fire up an old pi I have laying around and use pi-hole, and then just edit the dns on all the clients to use that, while keeping the ISP dns on the router?
Hmm I've never thought of that, is there any other types of pi dns like OpenDNS that maintain a safe list and update it in real time?
I'm guessing the pi list would have to be updated manually?
Are you saying I can fire up an old pi I have laying around and use pi-hole, and then just edit the dns on all the clients to use that, while keeping the ISP dns on the router?
Hmm I've never thought of that, is there any other types of pi dns like OpenDNS that maintain a safe list and update it in real time?
I'm guessing the pi list would have to be updated manually?
This post was edited on 2/21/21 at 2:06 pm
Posted on 2/21/21 at 2:43 pm to Korkstand
Will that block facebook completely? The wife might not like that, or does it just block them trying to get info?
Posted on 2/21/21 at 2:56 pm to kengel2
Depends on what you want, it will block whatever you tell it to.
I think by default Pi-hole only blocks known advertising domains, so it'll work like adblock for your whole house. I'm not sure if OP's blacklist blocks facebook.com itself or if it just blocks all of their ad and tracking domains.
Also switching to mobile data on a phone would bypass your pihole completely. If you want full-time blocking on a phone, it will have to be configured on the device itself either via an app or other means.
I think by default Pi-hole only blocks known advertising domains, so it'll work like adblock for your whole house. I'm not sure if OP's blacklist blocks facebook.com itself or if it just blocks all of their ad and tracking domains.
Also switching to mobile data on a phone would bypass your pihole completely. If you want full-time blocking on a phone, it will have to be configured on the device itself either via an app or other means.
Posted on 2/21/21 at 6:07 pm to Korkstand
The Pi-hole package is just a DNS server and a lightweight webserver... it will run on any Pi. I've tested it on them all from the original Pi Model A (256M) version on up..
Images or fully automated install scripts are available.
Images or fully automated install scripts are available.
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News