Op 30-10-2017 om 21:50 schreef gregfod@airmail.cc:
> Hi,
> I'm new to this area, but I would like to filter some traffic.
> The goal is to keep people secure while web browsing, not to censure.
> And also enable better privacy, mainly stop "malware" and
> tracking/ads as restrictively as possible.
>
> I have 3 questions, in case someone here has the time to answer me:
>
[snip]
> 2. If the right approach is blacklisting domains, then what list
> do OpenBSD users recommend to use? People seem to be using these
> two, but I would like to know the opinion from OpenBSD users:
> http://www.malware-domains.com/files/
> https://hosts-file.net/?s=Download
> 3. There's any well designed tool that I can automatically update
> these lists (using pledge and signify, for example), or a simple shell
> script is enough?
I use the blocklists from emergingthreats.net. Is already in a format
that Works wonderfully.
http://rules.emergingthreats.net/fwrules/emerging-PF-ALL.rules
Just fetch them through a cron job, include them in pf.conf and reload
pf.conf. And yes, you would have to trust...
Good luck.
Erik
No comments:
Post a Comment