Seven free blocking filters for ads

Ads Subtracted

eBlocker

eBlocker [8] started as a commercial company, but in 2020 it became a free, open source project. The strength of eBlocker lies not only in ad filtering – the software also allows anonymous surfing and the protection of minors. Although it comes as a ready-to-install image for the Raspberry Pi or the Banana Pi, other platforms are not available.

The developers claim eBlocker is a plug-and-play solution for home networks. According to the marketing, the software protects all users on the local network as soon as they connect. The eBlocker website shows protected devices, filter lists, and categories.

Of all tested advertising filters, eBlocker most seriously intervenes with on-going communications. The new device acts as a standard gateway for other clients and thus (willingly) hijacks all Internet requests from the other participants.

As a classic man in the middle (MITM), eBlocker can check the data packets that flow through for advertising and malware. eBlocker reacts to encrypted connections with TLS inspection, thanks to which, it can even sniff HTTPS connections. However, this feature is not automatically active and requires a certificate on each end device that authorizes eBlocker for deep packet inspection. For anonymization purposes, eBlocker can route traffic through a VPN provider or through the Tor network.

On the downside, eBlocker gains deep insights into data communications and thus also sees passwords, bank transfers, and confidential information. Because the service is already in the communication path, the web browser will not output a certificate warning if an MITM attack actually occurs.

Furthermore, the eBlocker only protects clients it has found on the local Ethernet segment. Clients on other networks (WiFi, guest network) remain unaffected and surf the Internet without protection. Finally, not all home routers cooperate with eBlocker, and depending on the model and manufacturer, plug-and-play can become a manual setup operation.

Synopsis

eBlocker uses blatant tools to hijack client communication. As an intentional MITM, it uses a collection of ARP spoofing, SSL bumping, and DNS blocking to protect its clients from malware, advertising, and data collectors, thus proving to be an ideal supplement if the DSL router is the only line of defense on the network. eBlocker also consistently enforces the Internet rules negotiated by parents and children.

Making It Work

For the ad blockers presented here to work, the clients must use the new DNS server for name resolution or as their default gateway. If the end devices get their IP addresses by DHCP, the DHCP server now has to include the new ad blocker as a DNS server or gateway in its offerings. For static addresses, manual changes are required in the IP settings of the respective devices.

In small environments, the DSL router takes over the role of the DHCP and DNS server in most cases. If the DSL router always asserts itself as the DNS server, the clients cannot use the new DNS server. In this case, the DSL router has to give up its DHCP task. Fortunately, the ad blockers can help out. All examined systems offer a DHCP server or can at least be upgraded accordingly.

eBlocker takes a different approach, making itself the default gateway. It not only controls the DNS queries, but also has access to the complete data stream. If desired, the sniffer box will peek into HTTPS traffic, although this option is disabled out of the box.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Filter DNS queries with Blocky
    The Domain Name System is repeatedly the target of or is leveraged for attacks on corporate infrastructures; however, it also lets you protect corporate networks against attacks and malware. The Blocky DNS server sets up quickly to secure DNS queries and DNS filtering for corporate networks.
  • DNS filtering with authentication
    Filtering HTTP connections and employing traditional proxy servers can protect users from web threats but also increase latency. DNS filters would be a better option, but they lacked authentication – until NxFilter came along.
  • Solving the security problems of encrypted DNS
    DNS encryption offers WiFi users good protection in public spaces; however, in the enterprise, it prevents the evaluation and filtering of name resolution.
  • Spam protection using SpamAssassin
    The intelligent, modular SpamAssassin email filter provides a variety of advanced tests for detecting unwanted junk email.
  • Professional protection for small and mid-size enterprises
    To what extent does the Untangle NG Firewall, where apps come together like pieces of a jigsaw, meet customer criteria for protection, usability, price, and support?
comments powered by Disqus