Suggestions on Web filtering/blacklisting?

Discussion in 'other anti-malware software' started by CGuard, May 24, 2015.

  1. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
    Hi,

    I'm interested on extended use of URL/IP blacklisting, as part of a universal free security setup for my friends and family. I'm looking to make it simple, lightweight, automated for them, and easily maintainable, hassle-free for me.

    Currently, i'm testing a MBAE-ed, slightly hardened Chrome and web filtering (in its broad sense) is based on:

    a) Norton DNS
    b) Panda URL Filtering
    c) Chrome's Safe Browsing
    d) uBlock Origin (all but "Social" and unnecessary regional 3rd-party filters enabled - Dynamic Filtering disabled)
    e) Adguard extension (only "Phishing and Malware Protection" is enabled - nothing else)
    f) Bitdefender Trafficlight (all but "Facebook and Twitter Protection" enabled)
    g) Avira Browser Safety (Trackers Blocking disabled using this trick)

    Given that:

    i) malware and phishing protection is the primary objective (and the sole purpose of this thread)
    ii) utilizing both HOSTS lists of uBlock + "Phishing and Malware Protection" of Adguard (WOT, Safe Browsing, Yandex) is the only reason for using both extensions
    iii) btw, ads and trackers are blocked exclusively by uBlock
    iv) partial redundancy is unavoidable

    what would you add (PeerBlock with only malware-related lists enabled? other extensions? ) or remove (because of total redundancy)?


    Couple of questions:

    1. Is this list of WOT's Trusted Sources outdated? Because if it's current, then a) this thread is of little value (aka: WOT FTW), and b) why would Adguard cite three separate reports? - (frankly, WOT's weighting system is still unclear to me)

    2. In the presence of Adguard, should i disable Chrome's Safe Browsing (redundant) or there is more than meets the eye?
     
  2. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    I recommend Adblock Plus for your browser. Does everything you'd want to do.

    And the cost? Free.
     
  3. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,953
    Location:
    USA
    I use to use K9 Web Protection, and it has very robust filtering. It currently says it filters more than 70 categories on their website. It filtered pornography, and malware sites better than my Netgear Prosecure UTM did. The question is will it filter sites that your Norton DNS may miss. I have never used Norton DNS before. http://www1.k9webprotection.com/
     
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    K9 Web Protection made by Blue Coat is an excellent web filter. It can be used to block malware, spyware, hacking and phishing websites as well as of course pornography and other undesirable content.

    Its easily configurable and of course it offers free web protection.
     
  5. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I recommend K9 Web Protection as well.

    It does an amazingly good job at keeping you protected from bad links and also runs light on the system.
     
    Last edited: May 25, 2015
  6. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    617
    Location:
    Wembley, London
    My preference:
    Adguard (Paid) excellent spyware filter along side Ublock with dynamic filtering on browsers = Light and Bright!
    Also use OpenDNS (Phishtank) on router and systems for prevention of Phishing sites.
     
  7. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
    Thanks for recommendations so far!

    Re K9 Web Protection, IIRC, it intercepts web traffic (=>renders W7FW Outbound Control useless), right? If that's not the case (had briefly installed it a couple of years ago), then i should definitely try it.


    I need to come up with a universal setup, i.e. independent of Win7/8/8.1 Edition, bitness, experience and financial ability. I can't remotely maintain 8-10 different setups. So it has to be a free one.

    OpenDNS is something to try out. Thanks.
     
  8. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,083
    Location:
    Netherlands
    I did a test and discovered that all lesser AV-'s use the generic available blacklists. Also when you use Chrome, most general available black lists are redundant (except for HpHost because most AV's don't seem to touch MBAM blacklist for public relation reason I guess).

    Have a look at see http://www.pcmag.com/image_popup/0,1871,iid=428783,00.asp to get an idea of its effectiveness (remember HpHost is powered by MalwareBytes)

    So you could stack up the crazy URL blocklist below (what is ineffective in the stacked URL blocklist I have put in red)
    Norton DNS

    Panda URL Filtering
    K9 Webprotection (when you use Norton DNS and Panda URL filter plus Adguard with Yandex fed blacklist of Sophos, it is sort of redundant)

    Chrome Safe Browsing (already included in AdGuard)
    uBlock (only use HPhost and the specific anti-ad filters, rest is redundant and Avast has better anti-tracking)
    AdGuard (with Yandex you get Sophos and with WOT you get Phistank)

    Avast Safe Online
    Bitdefender Traffic Light

    Avira (URL filtering is a numbers game, more users, more URL's fed by users helping the automated crawlers)

    Regards Kees

    Notes

    1) I would replace ublock by uMatrix and don't block third party (allow everything). Enable HpHost as third party filter (disable all othersexcept MalwareBytes URL filter) and benefit of the additional privacy options uMatrix offers over uBlock. When you would do that, you should enable advertisement filtering in Adguard.

    2) Disabling the safe search options in Avast, Bitdefender and Avira (see below) seems to improve performance slightly, when user navigates to website, block will kick in and user is not confronted with possibly contradicting values (e.g. Bitdefender says OK, Avast OK, Avira says NO).

    3) When you are in German speaking region, Avira is a great extension and should be included.
     
    Last edited: May 26, 2015
  9. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I would not recommend K9 web protection as it is a complete nightmare to uninstall.Several searches confirm this activity.
     
  10. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
    @Windows_Security: The kind of information i was looking for!

    I do realize that it's going to be a quite extensive, exhaustive, crazy list, but i am dealing with a dozen of sworn happy-clickers. The more stops i can get for/to them, the better.

    It seems that Adguard is filling up its blacklist in a selective way. So, i'll probably keep Chrome's Safe Browsing enabled anyway.

    OT comment: I thought that uBlock merges its (3rd party) lists. No?

    Great suggestion (based on your pcmag link)!

    Not sure about 1) (usability issues...), but going to definitely follow your advice on 2).

    Many thanks!
     
  11. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,083
    Location:
    Netherlands
    OT remark) Yes uBlock merges list, so no redudancy

    1) Decided to try today the third on the latest addition list of HPhost, according to your post this should be on WOT after 24 hours (so will check tomorrow on the HpHost blacklisted site)

    WOT does not know the site (yet), while it is obvious a bad site see pic (have removed link to website for TOS)

    Tried an older entry from malware domain list and WOT did mark it as bad site,

    upload_2015-5-27_20-5-28.png
     
    Last edited: May 27, 2015
  12. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
  13. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,083
    Location:
    Netherlands
    Still with Norton DNS, Chrome's Safe Browsing and just WOT, you got a lot of stuff covered without any hassle. An advantage of WOT is that it shows it ratings with Startpage Search also.

    Tested site and Yes it is now marked as bad site in WOT, so the sources you mentioned seem stil valid, with 24 hour delay. So better to keep Chrome's Safe Browsing on also.

    upload_2015-5-28_13-36-2.png
     
    Last edited: May 28, 2015
  14. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
    I went ahead and installed K9 (only malware/phishing-related enabled). I like it so far. No conflicts with Norton DNS and Panda URL Filtering -more testing needed. Not sure how it works -i thought it was using some kind of local proxy like older Avast Web Shield was using. Guess i will have to search WS for dedicated threads.

    Indeed and intended (to do).