for geofencing, I-block list, example https://netroar.com/BlockListsNotes.txt , sometimes it will still let through geofenced ips, but it does the job quite well, peerblock is good for blocking countries (a paid alternative is Blackfog for geofencing, other lists can be run via adguard which is very cheap one time charge and has some malware lists too, and almost all types of lists formats work with it, more formatting options are allowed) other peerblock lists are outdated (which also means it can block some addresses that are no-longer malware) and you would need to convert them from known up-to-date lists, you need to work a little for converting these, too large lists on software level can slow down your browsing just like altering the host file can, peerblock with tight geofencing and some malware lists ran OK peerblock has unpatched vulnerabilities it is a pity because ip blocking is still important as an additional security feature (not to be relied upon)
hi i'm looking for p2p ,spy ,and dos attacts , there are many host file , how convert into a peerblock file? thanks for the link ,is geofencing to block specific nation?
I think he means the included lists in peerblock are out of date and need replacing. Geofencing is a specific nation ie UK canada etc
I don't remember, today I'd look at the netroar list in txt file format and use that exact syntax, in peerblock geofencing Reunion is done with this method: Reunion:185.161.8.0 you can specify ranges too with Reunion:185.161.8.0-185.161.8.255 just load a list and see if the IP counter increases, the counter on the main interface is always right, then use that list syntax for your future edits and lists btw. why convert hosts while its doing its thing, live it be, maybe add to it: 255.255.255.255 WPAD. my opinion: Spoiler A program like adguard is not so picky, as it uses a collection of syntaxes, whilst the options on peerblock are limited. Moreover, adguard has a nice security feature that would block the download of executables with its parental control (turned off by default). Adguard has some up to date lists but they are not that great malware wise That said, I'd rather have ip blocking at hardware level (or with Virtual Machine - VM) on some device that is still updated, so instead of adguard I would configure pfsense with Stateful Packet Inspection (SPI), Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), then you have paid and free lists options on top of your custom lists. You can find really awesome free lists on the Internet. Run it on an external device like a router, a second host or with a local VM, exploitable software on your OS potentially can raise some concerns in terms on security.
Well, that could be said of any scheme dependent on lists. Hardware IP blocking as you nicely detail is a Tall Order for most of us and I don't think anyone sells a router sans SPI anymore. I believe AdGuard has some pretty good code involved in their malware protection feature aside from its core mission to block ads at which it is superb. • https://kb.adguard.com/en/general/how-malware-protection-works A user can throw in their own choice of a list(s) into AdGuard or roll their own list. Cyber ages ago, working with host files (Dan Pollock's was my fav) or PeerGuardian/Block became Too Much Work regardless of either's efficacy and decided to let some one else do it. Starting with Adblock 0.5 and now AdGuard, going on six years. If blocking in the browser is all that's desired, the AdGuard extension is free and highly configurable. Good luck with that. Cheers.
@lucd hi but is not update regularly or anymore , because the last update is 2020 (2 years ago) thanks
and? this the only way I know of that works locally, the alternative is pfsense list can be converted, or if you want a bunch of ips blocked you can do that, list of ips not just one by one, still 2.6 billion ips blocked is not that bad, it blocks some stuff and lots of ads ip blocking is not that great anyway, security wise it means almost nothing, but some extra stuff doesn;t hurt you welcome
Hi @lucd I woul like to block some scanning ips , sometime are very nasty maybe an updated list would be better , i guess but thanks Lucd , I appreciate you help
Could you use something like Hostsman? You have a lot of choices if you use an alternate hosts file. https://www.softpedia.com/dyn-search.php?search_term=hostsman https://filterlists.com/ Also, here is a list for use in Emule that also works in Qbitorrent... http://hostex.de/?hash=MTEwOTIyLWlwZmlsdGVyLnYwMTUyLnppcA==&fid=1316700423&trace=11548022
are host files reliable, I suspect they aren't and its just one tiny file that can be easily edited, thanks anyway you must include at the beginning: 127.0.0.1 localhost ::1 localhost then you can add either 0.0.0.0 or 127.0.0.1, before an ip or server name, correct? not sure if 0.0.0.0 and 127.0.0.1 can be mixed, available lists are not mixed changing subject, geofencing by peerblock and netroar doesn't cover full ip range, so its not reliable