OPNsense Forum

Archive => 19.7 Legacy Series => Topic started by: Marcel_75 on November 20, 2019, 09:05:44 am

Title: BIND with DNSBL – more detailed information about DNSBL types?
Post by: Marcel_75 on November 20, 2019, 09:05:44 am

Hi all,

I'am using BIND with DNSBL to avoid tracking and ads inside my private network (no more need to install "uBlock Origin" on every Browser / every device).

It's still not as good as Pi-Hole or PFblockerNG on PFsense, but a beginning …  ;)

But I'am wondering where to get more information about all the different options (AdAway List, AdGuard List, … – see attached screenshot).

The ad-blocking works fine so far but maybe some of these DNSBL types are not needed at all or will produce some problems?

Thanks for clarification,
Marcel

PS: IMHO it would be nice to have a clickable link in the OPNsense GUI for every source of these DNSBL types to get more information about them.

Title: Re: BIND with DNSBL – more detailed information about DNSBL types?
Post by: mimugmail on November 20, 2019, 09:39:39 am

The links are here:
https://github.com/opnsense/plugins/blob/master/dns/bind/src/opnsense/scripts/OPNsense/Bind/dnsbl.sh

I can add some more if you have a list

Title: Re: BIND with DNSBL – more detailed information about DNSBL types?
Post by: Marcel_75 on November 20, 2019, 05:41:20 pm

Great, many thanks for the link.  :)

Here are some projects / sites, which could be added (would be nice):

Someone Who Cares (maintained by Dan Pollock)
https://someonewhocares.org/hosts/hosts

Peter Lowe’s Ad and tracking server list
https://pgl.yoyo.org/adservers/serverlist.php?showintro=0;hostformat=hosts

MVPS HOSTS file (former Microsoft MVP 1999-2012)
http://winhelp2002.mvps.org/hosts.txt

hpHosts database for misleading marketing, e.g. fake Flash update adverts
https://hosts-file.net/mmt.txt

hpHosts database for hijack sites
https://hosts-file.net/hjk.txt

hpHosts database for exploit sites
https://hosts-file.net/exp.txt

MalwareDomainList.com Hosts List
http://www.malwaredomainlist.com/hostslist/hosts.txt

PFblockerNG list maintained by BBcan177
https://gist.githubusercontent.com/BBcan177/4a8bf37c131be4803cb2/raw

FireHOL Level 1 attacks
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset

Ransomware IP Blocklist
https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt

EmergingThreats compromised IPs
https://rules.emergingthreats.net/blockrules/compromised-ips.txt

EmergingThreats collection (Spamhaus, DShield, Abuse.ch)
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt

Abuseat CBL
http://www.abuseat.org/iotcc.txt

CyberCrime tracking Command and Control
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/cybercrime.ipset

The last ones are from the follwoing article (maybe more nice lists could be found here):

http://supratim-sanyal.blogspot.com/2017/04/pfsense-pfblockerng-ultimate-list-of-ip.html

Title: Re: BIND with DNSBL – more detailed information about DNSBL types?
Post by: Marcel_75 on November 20, 2019, 05:46:45 pm

PS: Have also made a 'human readable' list (including my own comments) for everybody who is searching for the same information as I did until this morning …  8)

EasyList
https://justdomains.github.io/blocklists/lists/easylist-justdomains.txt

EasyPrivacy
https://justdomains.github.io/blocklists/lists/easyprivacy-justdomains.txt

PornAll
https://raw.githubusercontent.com/chadmayfield/my-pihole-blocklists/master/lists/pi_blocklist_porn_all.list

PornTop1M
https://raw.githubusercontent.com/chadmayfield/pihole-blocklists/master/lists/pi_blocklist_porn_top1m.list

AdGuard
https://justdomains.github.io/blocklists/lists/adguarddns-justdomains.txt

NoCoin
https://justdomains.github.io/blocklists/lists/nocoin-justdomains.txt

RansomWare Tracker abuse.ch (Ransomware Domain Blocklist)
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt

MalwareDomains
http://malwaredomains.lehigh.edu/files/justdomains

WindowsSpyBlocker (spy)
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt

WindowsSpyBlocker (update)
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt

WindowsSpyBlocker (extra)
https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt

Cameleon List
http://sysctl.org/cameleon/hosts

AdAway List
https://adaway.org/hosts.txt

YoYo List
http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext

StevenBlack
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

Blocklist.site Ads
https://blocklist.site/app/dl/ads

Blocklist.site Fraud
https://blocklist.site/app/dl/fraud

Blocklist.site Phishing
https://blocklist.site/app/dl/phishing

EMD (hpHosts database for malware sites)
https://hosts-file.net/emd.txt

hphosts-ads (hpHosts database for ad- and tracking-servers)
https://hosts-file.net/ad_servers.txt

hphosts-fsa (hpHosts database for fraud sites)
https://hosts-file.net/fsa.txt

hphosts-psh (hpHosts database for phishing sites)
https://hosts-file.net/psh.txt

hphosts-pup (hpHosts database for potentially unwanted programs)
https://hosts-file.net/pup.txt

Simple Ad List (Ad filter list by Disconnect)
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

Simple Tracking List (Basic tracking list by Disconnect)
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

The HBBTV List seems to be problematic, couldn't load this site successfully here …
https://raw.githubusercontent.com/Akamaru/Pi-Hole-Lists/master/hbbtv.txt

Title: Re: BIND with DNSBL – more detailed information about DNSBL types?
Post by: zgQTSf2PHyHt on December 21, 2019, 04:07:31 am

I second the addition of the above DNSBLs.
The current DNSBLs are inadequate for my needs.