Friday, April 8, 2016

Oops

I sometimes slip up and add some hosts into my blocking hosts file that I later regret adding.  Here are two of them that hopefully won't crawl in again and the actions I took to prevent it from happening again in the future:

cdn.taboola.com:
I put it in the header and commented out the block.  In the past this did cause problems for me.  Now it is down to the nuisance level.  I have also added the host name to my NoBlock list to make sure it doesn't get inadvertently ever added again.  Do other blocking hosts file have it active at all times?  Yes.  I leave it up to users.  I am assuming that all users of blocking hosts file know how to use DNS lookup and many other things.  Example: om.symantec.com.  It is NOT in the symantec.com domain, e.g.:

$ hdns om.symantec.com
om.symantec.com is an alias for symantec.com.d1.sc.omtrdc.net.
symantec.com.d1.sc.omtrdc.net has address 192.243.250.65
symantec.com.d1.sc.omtrdc.net has address 192.243.250.16

It is in alias to a host in the omtrdc.net domain which like the 2o7.net domain before it are both DNSWCD (DNS WildCard Domain).  By that I mean that any characters before either the domain itself or a subdomain (most of mine for this domain are in the subdomains d1.sc.omtrdc.net and d2.sc.omtrdc.net but some just have the sc.omtrdc.net and then what ever the customer uses) yields an IP address in DNS whether it is used or not.  Example:

$ hdns dfasdjfja.d2.sc.omtrdc.net
dfasdjfja.d2.sc.omtrdc.net has address 192.243.250.20
dfasdjfja.d2.sc.omtrdc.net has address 192.243.250.66

No such host is used or exists, yet you get IP addresses.  Things like this are learned by just adding more and more knowledge all the time.  I expect people to know that, but more to the point see the next one.

imasdk.googleapis.com:
I will no longer make blocking it even an option.  IOW, the host is now in my NoBlock list and that is where it is staying.  Since it is used to track us I may sneak up on blocking the tracking it is doing that I don't like in the PAC filter.  Even more likely though is that blocking it caused so many problems I will just let them track people.  But I will never again block the host cold.  Most people on Windows only use my blocking hosts file any more anyway.  This host should never be blocked cold.

Somebody besides me should have told me that blocking this host causes severe problems!  I cannot see everything all the time.  Mistakes happen much more rarely now but they still happen.  Nobody (except maybe God) is perfect.

Sorry!