RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
Dns2blackhole
Jul 20, 2023
Malware Prevention through Domain Blocking
Malware Prevention through Domain Blocking Black Hole
dns2blackhole is a set of Bourne Shell csh scripts that fetch host files from public host file providers that contain the FQDN [ Fully Qualified Domain Names ] of sites that fall into the following categories, adware, malware, exploit, hijackers, harvesters, tracking, phishing, fake news, fraud, spam, sex, porn, gambling, advertisements, misleading marketing, illegal pharmacy, warez/piracy and others. The output of the dns2blackhole scripts is fed directly into the ports/package versions of unbound, named, and dnsmask DNS servers to block those FQDN thus protecting user devices from being compromised or bothered seeing things of no interest. The base built-in version of unbound titled “local_unbound” can also be configured to work using the dns2blackhole method. This black hole method is another layer of protection that you can customize to your needs.
Checkout these related ports:
- Zonenotify - DNS notify sender written in C
- Zonecheck - Perform consistency checks on DNS zones
- Zkt -
- Yandex-ddns - Use Yandex DNS as a dynamic DNS provider
- Yadifa - Authoritative nameserver with DNSSEC capabilities
- Wrapsrv - DNS SRV record command line wrapper
- Whoseip - Get information about IP addresses country code and network
- Wdns - Low-level DNS library
- Walker - Recover zone file information from servers that use DNSSEC
- Void-zones-tools - Prepare a list of void zones that can be readily fed into Unbound
- Vizone - Updates the serial number in one or more zonefiles
- Vhostcname - Synchronize DNS with server names and aliases from Apache vhost
- Utdns - Proxy UDP/DNS to TCP/DNS
- Updatedd - Dynamic DNS Update Client supporting multiple services
- Unbound - Validating, recursive, and caching DNS resolver