Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Malware source filtering?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Malware source filtering? (Read 2755 times)
dgingeri
Newbie
Posts: 2
Karma: 0
Malware source filtering?
«
on:
December 29, 2016, 08:56:13 pm »
Hello, I'm new to opnsense, but I've been using pfsense for several years now. I just wanted to ask about possible features on this router software.
For the past two years, I've been looking for a way to use the firewall feature of pfsense to block known sources of malware, particularly botnets, password stealers, and other nasty stuff, from a web based reference table that could be downloaded by the router automatically weekly to monthly. Now I've found opnsense, and I'm wondering if this is something that might be possible. It looks like opnsense might have a better ability to do this, as it has more of a business market aim.
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Malware source filtering?
«
Reply #1 on:
December 29, 2016, 09:26:06 pm »
I have no idea how your list looks like but if it is a list of URLs where the malware is downloaded, you can import the list into the proxy using a remote backlist. If it is a set of IP addresses, an alias may work.
EDIT:
If you use the proxy, you can also scan the content using an anti malware engine via ICAP.
«
Last Edit: December 29, 2016, 09:27:38 pm by fabian
»
Logged
dgingeri
Newbie
Posts: 2
Karma: 0
Re: Malware source filtering?
«
Reply #2 on:
December 29, 2016, 09:37:05 pm »
Thanks. That sounds helpful.
I was thinking of the idea of selling devices or VMs on servers loaded with opnsense to small businesses and rich home users configured to download the list, either by IP or by URL, from a website, either through a downloaded file or through a HTTP data download directly, managed by me for a small maintenance fee or with a maintenance agreement.
I would prefer to not have it be a triggered event, as that would get annoying to stay up late at night to trigger all my customers' routers to update manually.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Malware source filtering?