Best way to block some gaming sites
-
I have both Suricata and PFBlockerNG installed. I am trying to determine the best way to block specific gaming sites ( not all ) on my LAN. I don't know where to start and which one will be the most effective. I am specially trying to block Epic Games' Fortnite. Thanks
-
A very quick way to block something is to create a DNS zone for it that points to 127.0.0.1 or some other not-real address, or maybe a local web server with a "don't visit this site at work" page. Maybe epicgames.com in this case? Not really sure what domain it actually plays on....
-
@vacquah said in Best way to block some gaming sites:
Fortnite
Your best bet would be to sniff to see exactly what is being used for this game, the fqdn that are being queried for, and or ports used, etc. More than likely this is hosted on some CDN somewhere.. My guess would be AWS.
Then sure a simple host override on pfsense dns to send this fqdn to nowhere, ie loopback or 0.0.0.0 or even sure somewhere that presents a info page on 80/443 to not use company bandwidth, etc.
Only problem with dns blocking - is you have to make sure your clients can not use some other sort of dns to resolve it. So you have to force all clients to use pfsense via dns redirection, and or only allow dns to pfsense and block all others.
There is always away around.. You could tunnel out on 443 for example, you could use dnscrypt via some open port, etc. But a dns block and or simple blocks of the ports it uses if they are specific and not standard ports like http/https can stop the vast majority of typical users. Problem is once user figures out how to bypass your restrictions it spreads fast!!!
Content filtering and or blocking is normally always an uphill battle that is hard to win.. If users want out, they normally can find a way. This day an age though users just going to play the game on their phones via their cell connection. But atleast then they are not using company resources and bandwidth ;)
Good Luck!!!