Hello All,
Ive been using this site to find all sorts of neat things that I could do with my ASUS router. I have to admit the amount of stuff that people have been able to get these little machines to do is borderline insanity and I am all for it. That being said, I loaded up SkyNet onto my AT82U v2 last night. I believe I got it to do some default malicious IP blocking. I see that it seems to be pulling at least some of its data from LevelBlue/Labs. I have also looked into the configuration and saw that I could block entire countries.
I tried that out and the total number of blocked ranges did go up but as a whole seems kind of low. Even when blocking the entire United States the number of IPs didn't change and the amount of ranges only changed by about 25K. What doesn't make sense to me is that most databases GeoIP, IPDeny, etc list the United States as having a little more than 60K ranges of IPs. the fact that the number of IPs didn't change at all is even more confusing to me. My question is, where is SkyNet getting its data from? My best guess is that it is pulling at least the malicious IP data from LevelBle/Labs, but I cannot tell for the life of me where it is pulling the country data from. Maybe I haven't looked hard enough or I am just missing it and it's right in front of my face, I am not sure.
My second question is, I see there are ways to manually add a block list, is there a way to add data from a database (GeoIP, IPDeny, etc) that automatically updates every month? Personally, it would be a little bit of a pain to go in every month, clear out the old list, and import the new one.
I hope I explained myself well enough and if I didn't please let me know so I can clarify! Thank you!
Ive been using this site to find all sorts of neat things that I could do with my ASUS router. I have to admit the amount of stuff that people have been able to get these little machines to do is borderline insanity and I am all for it. That being said, I loaded up SkyNet onto my AT82U v2 last night. I believe I got it to do some default malicious IP blocking. I see that it seems to be pulling at least some of its data from LevelBlue/Labs. I have also looked into the configuration and saw that I could block entire countries.
I tried that out and the total number of blocked ranges did go up but as a whole seems kind of low. Even when blocking the entire United States the number of IPs didn't change and the amount of ranges only changed by about 25K. What doesn't make sense to me is that most databases GeoIP, IPDeny, etc list the United States as having a little more than 60K ranges of IPs. the fact that the number of IPs didn't change at all is even more confusing to me. My question is, where is SkyNet getting its data from? My best guess is that it is pulling at least the malicious IP data from LevelBle/Labs, but I cannot tell for the life of me where it is pulling the country data from. Maybe I haven't looked hard enough or I am just missing it and it's right in front of my face, I am not sure.
My second question is, I see there are ways to manually add a block list, is there a way to add data from a database (GeoIP, IPDeny, etc) that automatically updates every month? Personally, it would be a little bit of a pain to go in every month, clear out the old list, and import the new one.
I hope I explained myself well enough and if I didn't please let me know so I can clarify! Thank you!
