"Sys Admins" - Deployed ad-blocking on your networks?

visibleman

visibleman

visibleman

Soldato
Joined
3 Jun 2005
Posts
3,287
Location
The South
Hi all,

There's a bit of noise in the community around deploying ad-blocking in terms of security to help thwart malware/ransomware that is punted through ads (big rise at the minute) and it's got a few of us thinking about it the office today and if it's something we should look into possibly putting in place although there's some valid concerns.

So a quick one of the admins here - has anyone actively deployed ad-blocking, either locally through browser extensions or via DNS, to their (company) networks/systems? If so, what route have you gone and what products or services are you using? Have you seen any positives deploying it? And more importantly, has it caused you any problems either with staff or sites breaking etc?

Cheers all :)
 
It's only an idea we're bouncing around, after one of us read a Twitter thread from SwiftOnSecurity (https://twitter.com/SwiftOnSecurity/status/1616133885305450496), and now wondering if it's something we should actively be doing (rather than leaving it to our EPP) given the recent increase in hijacked ads, what we've seen in logs and various agencies (NSA for example) suggesting you block "unnecessary advertising".

GaryTheSnail said:
What are the valid concerns?
Click to expand...
I'm all for it but some are thinking about issue with it breaking sites but, i think having a fairly robust whitelist (eg - all "org" related sites) upon deployment would in theory only leave edge cases which you deal with when they crop-up.
There's also the question of what we deploy but it's likely to be DNS-based given we're an Apple org (so Safari all around) and there isn't a whole load of options to do it via plugins/extensions.

With your Pi-hole deployments, is that bare metal or have you gone down the Docker route? Have you had an issues with implementing and maintaining and/or users?
And do you deploy anything to your larger orgs or is it purely smaller-user orgs you're dealing with?

Rroff said:
I've noticed a lot of the tabloid type news sites and other sites with similar ad provisioning are serving a small number of hijacked ads lately....
Click to expand...
Similarly but it's not something we've really thought too much about. I'm guessing you're not actively blocking ads on your network?
 
You must log in or register to reply here.
Back
Top Bottom