Discussion in 'privacy technology' started by mantra, Apr 4, 2020.
is there a complete free list for peerblock ?
i have searched around without luck
for geofencing, I-block list, example https://netroar.com/BlockListsNotes.txt , sometimes it will still let through geofenced ips, but it does the job quite well, peerblock is good for blocking countries (a paid alternative is Blackfog for geofencing, other lists can be run via adguard which is very cheap one time charge and has some malware lists too, and almost all types of lists formats work with it, more formatting options are allowed)
other peerblock lists are outdated (which also means it can block some addresses that are no-longer malware) and you would need to convert them from known up-to-date lists, you need to work a little for converting these, too large lists on software level can slow down your browsing just like altering the host file can, peerblock with tight geofencing and some malware lists ran OK
peerblock has unpatched vulnerabilities
it is a pity because ip blocking is still important as an additional security feature (not to be relied upon)
thanks for the netroar list
i'm looking for p2p ,spy ,and dos attacts , there are many host file , how convert into a peerblock file?
thanks for the link ,is geofencing to block specific nation?
I think he means the included lists in peerblock are out of date and need replacing.
Geofencing is a specific nation ie UK canada etc
can you convert host file block into peerblock file?
I don't remember, today I'd look at the netroar list in txt file format and use that exact syntax, in peerblock geofencing Reunion is done with this method:
you can specify ranges too with Reunion:126.96.36.199-188.8.131.52
just load a list and see if the IP counter increases, the counter on the main interface is always right, then use that list syntax for your future edits and lists
btw. why convert hosts while its doing its thing, live it be, maybe add to it:
A program like adguard is not so picky, as it uses a collection of syntaxes, whilst the options on peerblock are limited. Moreover, adguard has a nice security feature that would block the download of executables with its parental control (turned off by default). Adguard has some up to date lists but they are not that great malware wise
That said, I'd rather have ip blocking at hardware level (or with Virtual Machine - VM) on some device that is still updated, so instead of adguard I would configure pfsense with Stateful Packet Inspection (SPI), Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), then you have paid and free lists options on top of your custom lists. You can find really awesome free lists on the Internet. Run it on an external device like a router, a second host or with a local VM, exploitable software on your OS potentially can raise some concerns in terms on security.
Well, that could be said of any scheme dependent on lists. Hardware IP blocking as you nicely detail is a Tall Order for most of us and I don't think anyone sells a router sans SPI anymore.
I believe AdGuard has some pretty good code involved in their malware protection feature aside from its core mission to block ads at which it is superb.
A user can throw in their own choice of a list(s) into AdGuard or roll their own list.
Cyber ages ago, working with host files (Dan Pollock's was my fav) or PeerGuardian/Block became Too Much Work regardless of either's efficacy and decided to let some one else do it. Starting with Adblock 0.5 and now AdGuard, going on six years.
If blocking in the browser is all that's desired, the AdGuard extension is free and highly configurable.
Good luck with that.