Hi, I'm interested on extended use of URL/IP blacklisting, as part of a universal free security setup for my friends and family. I'm looking to make it simple, lightweight, automated for them, and easily maintainable, hassle-free for me. Currently, i'm testing a MBAE-ed, slightly hardened Chrome and web filtering (in its broad sense) is based on: a) Norton DNS b) Panda URL Filtering c) Chrome's Safe Browsing d) uBlock Origin (all but "Social" and unnecessary regional 3rd-party filters enabled - Dynamic Filtering disabled) e) Adguard extension (only "Phishing and Malware Protection" is enabled - nothing else) f) Bitdefender Trafficlight (all but "Facebook and Twitter Protection" enabled) g) Avira Browser Safety (Trackers Blocking disabled using this trick) Given that: i) malware and phishing protection is the primary objective (and the sole purpose of this thread) ii) utilizing both HOSTS lists of uBlock + "Phishing and Malware Protection" of Adguard (WOT, Safe Browsing, Yandex) is the only reason for using both extensions iii) btw, ads and trackers are blocked exclusively by uBlock iv) partial redundancy is unavoidable what would you add (PeerBlock with only malware-related lists enabled? other extensions? ) or remove (because of total redundancy)? Couple of questions: 1. Is this list of WOT's Trusted Sources outdated? Because if it's current, then a) this thread is of little value (aka: WOT FTW), and b) why would Adguard cite three separate reports? - (frankly, WOT's weighting system is still unclear to me) 2. In the presence of Adguard, should i disable Chrome's Safe Browsing (redundant) or there is more than meets the eye?
I use to use K9 Web Protection, and it has very robust filtering. It currently says it filters more than 70 categories on their website. It filtered pornography, and malware sites better than my Netgear Prosecure UTM did. The question is will it filter sites that your Norton DNS may miss. I have never used Norton DNS before. http://www1.k9webprotection.com/
K9 Web Protection made by Blue Coat is an excellent web filter. It can be used to block malware, spyware, hacking and phishing websites as well as of course pornography and other undesirable content. Its easily configurable and of course it offers free web protection.
I recommend K9 Web Protection as well. It does an amazingly good job at keeping you protected from bad links and also runs light on the system.
My preference: Adguard (Paid) excellent spyware filter along side Ublock with dynamic filtering on browsers = Light and Bright! Also use OpenDNS (Phishtank) on router and systems for prevention of Phishing sites.
Thanks for recommendations so far! Re K9 Web Protection, IIRC, it intercepts web traffic (=>renders W7FW Outbound Control useless), right? If that's not the case (had briefly installed it a couple of years ago), then i should definitely try it. I need to come up with a universal setup, i.e. independent of Win7/8/8.1 Edition, bitness, experience and financial ability. I can't remotely maintain 8-10 different setups. So it has to be a free one. OpenDNS is something to try out. Thanks.
I did a test and discovered that all lesser AV-'s use the generic available blacklists. Also when you use Chrome, most general available black lists are redundant (except for HpHost because most AV's don't seem to touch MBAM blacklist for public relation reason I guess). Have a look at see http://www.pcmag.com/image_popup/0,1871,iid=428783,00.asp to get an idea of its effectiveness (remember HpHost is powered by MalwareBytes) So you could stack up the crazy URL blocklist below (what is ineffective in the stacked URL blocklist I have put in red) Norton DNS Panda URL Filtering K9 Webprotection (when you use Norton DNS and Panda URL filter plus Adguard with Yandex fed blacklist of Sophos, it is sort of redundant) Chrome Safe Browsing (already included in AdGuard) uBlock (only use HPhost and the specific anti-ad filters, rest is redundant and Avast has better anti-tracking) AdGuard (with Yandex you get Sophos and with WOT you get Phistank) Avast Safe Online Bitdefender Traffic Light Avira (URL filtering is a numbers game, more users, more URL's fed by users helping the automated crawlers) Regards Kees Notes 1) I would replace ublock by uMatrix and don't block third party (allow everything). Enable HpHost as third party filter (disable all othersexcept MalwareBytes URL filter) and benefit of the additional privacy options uMatrix offers over uBlock. When you would do that, you should enable advertisement filtering in Adguard. 2) Disabling the safe search options in Avast, Bitdefender and Avira (see below) seems to improve performance slightly, when user navigates to website, block will kick in and user is not confronted with possibly contradicting values (e.g. Bitdefender says OK, Avast OK, Avira says NO). 3) When you are in German speaking region, Avira is a great extension and should be included.
I would not recommend K9 web protection as it is a complete nightmare to uninstall.Several searches confirm this activity.
@Windows_Security: The kind of information i was looking for! I do realize that it's going to be a quite extensive, exhaustive, crazy list, but i am dealing with a dozen of sworn happy-clickers. The more stops i can get for/to them, the better. It seems that Adguard is filling up its blacklist in a selective way. So, i'll probably keep Chrome's Safe Browsing enabled anyway. OT comment: I thought that uBlock merges its (3rd party) lists. No? Great suggestion (based on your pcmag link)! Not sure about 1) (usability issues...), but going to definitely follow your advice on 2). Many thanks!
OT remark) Yes uBlock merges list, so no redudancy 1) Decided to try today the third on the latest addition list of HPhost, according to your post this should be on WOT after 24 hours (so will check tomorrow on the HpHost blacklisted site) WOT does not know the site (yet), while it is obvious a bad site see pic (have removed link to website for TOS) Tried an older entry from malware domain list and WOT did mark it as bad site,
Yes, it's hard to explain that (on purpose) delay, since the 3rd-party sources are already assigned with a different (fixed, i guess) weight. That's also the reason why Adguard cites 3 different reports.
Still with Norton DNS, Chrome's Safe Browsing and just WOT, you got a lot of stuff covered without any hassle. An advantage of WOT is that it shows it ratings with Startpage Search also. Tested site and Yes it is now marked as bad site in WOT, so the sources you mentioned seem stil valid, with 24 hour delay. So better to keep Chrome's Safe Browsing on also.
I went ahead and installed K9 (only malware/phishing-related enabled). I like it so far. No conflicts with Norton DNS and Panda URL Filtering -more testing needed. Not sure how it works -i thought it was using some kind of local proxy like older Avast Web Shield was using. Guess i will have to search WS for dedicated threads. Indeed and intended (to do).