by petronio 848 days ago
It could work, as it's pretty rare for IP addresses to be used directly and not through DNS, but that also defeats the purpose of the mechanism: it doesn't add anything of value if everyone is using DNS. Even malware writers will purchase several domain names (several for redundancy from government takedowns) so that they can rotate command servers easily.
1 comments

Yeah, kinda true. But if you had a whitelist (I know this would be very hard to maintain, etc.) instead of a blacklist, you could have the most secure network blocker ever created for consumers. Malware could still leak from some of the "safe" domains, but it would definitely be A LOT safer than any conventional IP or DNS blocking.