I use this web site's URL blacklist and load it into Eset's web filter: http://ransomwaretracker.abuse.ch/blocklist/ . This site's blacklists are updated every 5 mins.. Most recent URL blacklist download(today) showed 1435 URLs. Interestingly, I have been using this blacklist for a while and never received a block alert from Eset. I also just click away when it comes to accessing web sites.
Lists are display in a browser web page as text upon download. Just copy web page details and save in notepad as a .txt file removing any comment lines. I then just import the .txt file to a user list I created in Eset's web filter. If your security solution only allows importing in hosts file format, you would have to add a 0.0.0.0 prefix so each line entry appears as "0.0.0.0 www.xxxxxxx.com" less the quotes. Note that a space exists between 0.0.0.0 and the URL. As an alternative, you can also just add above to your OS hosts file if your security solution doesn't allow URL additions.
I am using agnitums outpost firewall and hope to add it to the "ip blocklist" it has for adding single urls manually. Hopefully i can import it instead.
Too much hassle for too little protection. Don't mind but for me who even doesn't use an AV, it is totally waste of time in my opinion.
No joy importing just a blank list. Tried editing the my current manual one and the ransomware sites are not picked up. I guess someone else will have to look at this as its beyond my capability for now.
I believe the Outpost list is for IP addresses only? So you would have to download the corresponding IP address list from the above posted link. Also, Outpost IP blocking list import might require the file to be in hosts file format as I noted previously; I know Emsisoft requires this. When I have to add a 0.0.0.0 prefix, I just use Excel and dup the 0.0.0.0 I entered in the first row of the column I inserted preceding the existing IP address column into all the remaining rows.
I don't know if it's really worth the effort. On the other hand, it's a breeze to add those 3 lists to uMatrix or uBlock Origin. And I noticed that in uMatrix nearly all of their entries are used - i.e. there are practically no duplicates in the other hosts files. So why not use them ...
Using this Wilders thread as reference: https://www.wilderssecurity.com/threads/ip-blocklist-for-outpost-firewall-update.234095/ appears Outpost has some convoluted way of importing an IP blocklist. Also appears this download might not even work anymore since OP is no longer supported. Appears this downloaded Outpost IP block list is in some special format. So don't know if IPs could be added to it prior to importing into Outpost. Also it appears the import is a total replace of anything in the existing Outpost IP block list?
If these lists are being updated every 5 minutes, one can't keep manually adding the latest additions to their security solution of choice unless the lists will then be updated automatically after first import. Does that happen?
If you're referring to the Eset web filter lists, those are all static and have to be manually updated by the user. I just delete what is in my custom ransonware list and import the latest URL download from the web site. If you import the latest download on top of the existing Eset list, I believe you will end up with duplicates. You could do the above procedure once a day or week or whenever. Whatever you're comfortable with. I just checked the latest URL on the web site and over 300 new URLs added in a couple of days .......... Yikes!
Yes i used the URL list instead in the site blocking tab so seems to be okay now. thanks for the help