Posts
DNS Blackhole for Smoothwall 3.0 available at Emerging Threats:
This is the most comprehensive DNS blacklist available. These files allow you to blacklist malicious domains by name. This is particularly useful because of the frequency with which the enemy changes the IP addresses of malware domains in an effort to evade IP blocking.
* config-hosts: 175,550 organized crime, RBN affiliates, malware hosts and bad actors blacklisted for Smoothwall 3. Leave last line blank. Place in /var/smoothwall/hosts/, then rename config-hosts to config. Updated 8-14-2008.
http://doc.emergingthreats.net/pub/Main/HoneywallSamples/config-hosts
* hosts: Protect your home from 175,550 bad domains for Smoothwall 3; placed in /var/smoothwall/hosts/. Note: with this many objects in BlackHole, you must use local loopback. Update 8-14-2008: added 3,000 new malware domains.
http://doc.emergingthreats.net/pub/Main/HoneywallSamples/hosts
For effective protection, you should use anti-spyware and anti-virus products in addition to IP blocking and DNS blacklisting.
I maintain the Snort Config Samples Project at Emerging Threats. Visit http://doc.emergingthreats.net/bin/view/Main/HoneywallSamples for more information.
skip to main |
skip to sidebar
Use Smoothwall, Suricata, Snort Inline, the Emerging Threats rules, blackhole DNS and IP blocking to secure your home network
from the Russian Business Network and other criminal organizations.
About Me
Web-based Research Tools
- Anonymous Whois
- Anti-Malvertising Research Engine
- Arbor Networks Atlas Dashboard
- BFK Passive DNS Replication
- CIDR Report
- CleanMX Realtime
- Diagnosis Tools
- DNS Digger
- DNS Lookup
- DNS-BH Malware Domain Blocklist
- Domain Tools Whois
- Emerging Threats
- Find Parasites
- Google Safe Browsing Diagnostic
- gWebTools Whois
- hpHosts
- IP6 Conversion
- IPVoid
- Malc0de Database
- Malware Domain List
- Malware URL
- McAfee Site Advisor
- McAfee Trusted Source
- Microsoft Malware Protection Center
- Name Server Spy
- NetCraft Site Report
- Netirk Site Status
- Norton Safe Web
- PDF Void
- Project HoneyPot
- Robtex Swiss Army Knife
- ShadowServer
- Site Check
- Snort Config Samples
- SpamHaus
- SRI Honeynet
- SRI Malware Threat Center
- Symantec Threat Explorer
- Threat Log Honeypot Database
- Unshorten URLs
- URLVoid
- Virus Total
- vURL
- Wepawet
- WhatMask
- Where Is
Security Blogs
- Arbor Sert
- Avira Threat Explorer
- Cyber-TA Malware Analysis
- Dancho Danchev
- Digital Intelligence and Strategic Operations Group
- FireEye
- Gary Warner's CyberCrime & Doing Time
- Host Exploit
- Jart Armin's RBN Exploit
- Knujon
- Krebs On Security
- McAfee Avert Labs Blog
- Russian Business Network
- SANS Internet Storm Center
- Securiteam
- Silent Noise
- Stopbadware: RBN (Russian Business Network)
- Sudosecure
- Sunbelt Blog
- Symantec Threat Explorer
- Team Cymru
- Victor Julien's Inliniac
- Will Metcalf's Blog
- Zero Day
Free Security Software
- Avira Antivirus
- Bot Hunter
- ClamWin Antivirus
- Comodo Firewall
- Emerging Threats (bleeding snort signatures)
- Honeywall (snort inline iso)
- Malzilla
- McAfee Site Advisor
- Microsoft Security Essentials
- Secunia Personal Software Inspector
- Smoothwall Express 3.0 (bootable iso)
- Snort.org (snort signatures)
- Suricata Intrusion Prevention
- Web Of Trust