security in firefox4

Thu May 19 14:05:27 UTC 2011

On Thu, 2011-05-19 at 14:38 +0100, Alan Cox wrote:
> The internet works better in my experience when
> www.google-analytics.com
> (and ssl.google-analytics.com) get blocked at firewall level or stuck
> in /etc/hosts as 127.0.0.1

I do something similar with my DNS server.  I have a dead zone file,
which produces instant fails to any queries to any domain names I
associate it with.  It gives me neat, central, management of all
computers on the LAN.  My named.conf file also has these other
google-related domains:

zone "googlesyndication.com"    { type master; file  "dead.zone"; };
zone "googleservices.com"       { type master; file  "dead.zone"; };
zone "googleadservices.com"     { type master; file  "dead.zone"; };
zone "google-analytics.com"     { type master; file  "dead.zone"; };

And this is the dead.zone file:

$TTL 86400
@       IN      SOA     ns.localdomain.  hostmaster.mail.localdomain. (
                        200 ; serial
                        28800 ; refresh
                        7200 ; retry
                        604800 ; expire 
                        86400 ; ttl
                        )

        IN      NS      ns.localdomain.

Essentially, it's a wildcard "no answer" for the domain, and any
subdomain.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.