Ever heard of PhishBlock?

Discussion in 'other anti-malware software' started by PaulBB, Oct 29, 2014.

  1. PaulBB

    PaulBB Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    708
    Found this one on SourceForge, any experience with it?
    http://sourceforge.net/projects/phishblock/?source=navbar
    http://phishblock.org/

    PhishBlock is a security program that detects and blocks Phishing, Pharming, Hacker's C&C(Command and Control) Servers which are located in databases with URLs, DNS hostnames, and IP Addresses. This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses.

    Main Features:
    • Detect/Block Phishing/Malware based on URL.
    • Detect/Block C&C Server (Botnet) based on DNS hostnames & IP Addresses.
    • Detect/Block Fraud/Scam/DDos/Fake Contents based on URL & DNS hostnames.
    • Using Low Memory and barely affects network performance or cpu usage.
    • Scanning Internet Browser Cache for Malware by Yara Rule (6,000rules).
    • Database Contents (Source:phishTank.com, Spam404.com, ClamAV.net etc.):
    • Phishing
    • C&C Servers
    • Fake Content
    • Get Rich Quick Scam
    • Malware
    • Fraud
    • Spam
    • Rogue Pharmacy
    • DDos Service
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
    FYI. October 27, 2014 : PhishBlock Version 0.9 First Published

    Being that is brand new, caution is advised.
     
  3. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Installed. Exception Fault on Running (Win8.1x64)
    Uninstalled cleanly though.

    Probably like Peerblock or something.
     
  4. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    Yes...the default installator is for 64 systems but on "files" tab you can get versions for others systems
    http://sourceforge.net/projects/phishblock/files/?source=navbar
    BTW...after twice installation on my XP I get window of PhishBlock only for few seconds and then just BSOD. It needs more time and job to be stable.
     
  5. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I wonder, what is the difference in comparison to alternative DNS servers with zero impact on performance, since it uses the same databases and blocks the same.
     
  6. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    It is explained in post#1.
    So it uses different source, and also have malware scan by Yara signature (Yara is a malware analysis/classify framework very popular in this field).
    Personally I also feel it's more like Peerblock as Mayahana said, except it also handles domain name.

    BTW, though alternative DNS doesn't consume machine resource, it can delay connection, depends on distance btwn the DNS server & your network.
    When I used Comodo DNS I felt noticable slow down.
     
  7. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    Those databases are used by DNS servers, they actually uses even better and Yara signature is not so special as they present it, so overall is not really worth trying.
     
    Last edited: Oct 31, 2014
  8. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    I don't agree, from my experience those alternative DNS are not so quite effective.
    Norton DNS is much less effective compared to real Norton's safeweb protection, and Comodo DNS is also limited either for phishing & malware protection.
    I regard them as added layer of web protection, not a main one.
    However I also think Phishtank, spam404 and ClamAV are not great source.
    And I agree that 6000 Yara sigs are not so special, actually IMO they should remove
    this feature.
    I wouldn't use this unless they made significant improvement.
     
  9. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Agreed. The specialized DNS seem pretty limited, but also I view these databases as a supplement. I don't find the Kaspersky Gateway database (for phishing) all that hot either, but it's there - and it's a layer. Right now I use Kaspersky on the UTM, Clam on the transparent bridge UTM, and Norton on the dekstops/notebooks with no protection on Android/Tablets. So this product would have a marginal use for me - at best. Anyone using something like Norton, Trend, etc will likely not benefit at all from it.
     
  10. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,068
    Location:
    Netherlands
  11. Gordon Ahn

    Gordon Ahn Registered Member

    Joined:
    Nov 11, 2014
    Posts:
    1
    Location:
    Seoul, Korea
    I think Peerblock is focussing on IP-address blocking..
    and PhishBlock is focussing on URL-blocking and alternative DNS. To me it seems this is a difference from Peerblock..
    look at http://phishblock.org again. v0.9.1 is released.
     
  12. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,131
    hi
    but does someone test it?
    there are so many security program outside

    thanks , looks nice