One of my security controls in my home lab is to block certain DNS traffic (and IP address-based traffic, of course). It is basically ads and malware related traffic that I filter. A convenient place to do this, is the network perimeter. Adding protection here, safeguards all clients (laptops, gaming consoles, smartphones, etc.) within the network. Currently, I am using a pfsense package called pfBlockerNG [1], which blocks DNS traffic for me. pfBlockerNG blocks whatever domain names (and IP addresses) are configured. For this purpose I consume block lists, which are continually updated.

Some of the block lists I use and recommend:

This list is incomplete, but demonstrates many available options to implement cheap/free IP address and DNS-based filtering using up-to-date threat intel. information.