Block access to .zip and .mov domains

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
View previous topic :: View next topic  
Author Message
gin-n-tonic
DD-WRT User


Joined: 30 Jun 2014
Posts: 61
Location: California
PostPosted: Sun May 21, 2023 2:11    Post subject: Block access to .zip and .mov domains Reply with quote
This month, Google registered eight new top-level domains including .zip and .mov which may cause confusion and a security risk. See https://arstechnica.com/information-technology/2023/05/critics-say-googles-new-zip-and-mov-domains-will-be-a-boon-to-scammers
Users could click on a link in a document or email thinking it leads to a file, but instead it takes them to a website - which could be malicious.

I think it is a good idea to block all access to .zip and .mov domains for the time being. Dnsmasq makes this easy. I added the following lines to Services> Services> Dnsmasq Infrastructure> Additional Options:
Code:
address=/zip/0.0.0.0
address=/mov/0.0.0.0

This seems to work. Please let me know if there is a better method.
Back to top View user's profile Send private message
Sponsor
dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1940
PostPosted: Sun May 21, 2023 3:16    Post subject: Reply with quote
Well, shit. I wanted to register https://dd-wrt.is-on-the.mov

So much for that bright idea. <roll> <wink> <lol>
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.
--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Back to top View user's profile Send private message Visit poster's website
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6440
Location: UK, London, just across the river..
PostPosted: Sun May 21, 2023 10:08    Post subject: Reply with quote
depends from the router you can use ipset rules too... https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261

much faster and better i think.. Cool
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum