SomeWhereOverTheRainBow
Part of the Furniture
I typically do such if I find something not regularly blocked is now being blocked.
Skynet Is default firewall good enough?
- Thread starter BreakingDad
- Start date
Can you add the steps on adding this list within Skynet? Also, if I would like to go back the skynet default list, would it be easy to do so? I appreciate it.
SomeWhereOverTheRainBow
Part of the Furniture
Okay under skynet menu
Select malware-blacklist (option 3)
And then option(2) for change filter list
Copy and paste the hyper-link.
Then go back into malware-blacklist option (3) from the main skynet menu and run the option to update.
A similar process is done to switch back to the default using the default filter list hyperlink.
SomeWhereOverTheRainBow
Part of the Furniture
BTW the list includes all the list used by default skynet plus some additions.
SomeWhereOverTheRainBow
Part of the Furniture
It can still happen. Happened to me with certain domains without doing any country blocking.
SomeWhereOverTheRainBow
Part of the Furniture
I imagine anything is possible when doing country blocking. When it is easy enough for someone to look suspiciously at a nameserver because of its heavy influx of traffic every day and false report it. I have seen such happen as well. I imagine with country blocking, instead of playing pin the tail on the donkey like we are with false reports, we are playing where is carmen sandiago with whatever country to test-unblock next.
How to remove the default list? Is it exclude the list one by one?pfBlockerNG on pfSense in my case.
You have to use custom blocking list in Skynet. The default is this one:
IPSet_ASUS/filter.list at master · Adamm00/IPSet_ASUS
Skynet - Advanced IP Blocking For ASUS Routers Using IPSet. - Adamm00/IPSet_ASUSgithub.com
What we use is this one only:
And a description what it is here:
FireHOL IP Lists | IP Blacklists | IP Reputation Feeds
350+ IP blacklists, IP blocklists and IP Reputation feeds, about Cybercrime, Fraud, Botnets, Μalware, Virus, Abuse, Attacks, Open Proxies, Anonymizers. See their changes and updates, size over time, retention policy, geographic coverage, comparisons and overlaps.iplists.firehol.org
Treadler
Very Senior Member
I think post 43 tells all.
Following those steps changes (replaces) the default list to be the one you want?
Meaning I can only add a single url list, and this will overwrite the existing default lists?I think post 43 tells all.
Following those steps changes (replaces) the default list to be the one you want?
I check /mnt/amtm/skynet/lists the default lists are still there. How do I know if the default list is active or not?
Treadler
Very Senior Member
Skynet ‘option2’ says “change list”, so I assumed that happens.
I used the list in post 32, & my no. of ip’s blocked went from about 40k to over 250k. I guess it worked!
Thanks .Got it working now.
Are there any IPv6 blocklists published anywhere? The vastness of IPv6 address space makes it easier for you to be a needle in the haystack, but same for the bad guys.
We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet.
Tech9
Part of the Furniture
We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet.
Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now.
Last edited:
@Tech9Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now.
I have to ask....do you have a link I can go check to see why you don't recommend having IPV6 enabled?
I currently don't have it enabled but just curious what you know or knowledge against is. ..I appreciate it.
SomeWhereOverTheRainBow
Part of the Furniture
@Kingp1n I don't necessarily believe his stance is against enabling ipv6. It seems more of the prudent approach to not enable it if it is not needed. For the uneducated it would potentially create one more layer or problem for the user to have to overcome when nothing would have otherwise became broken if it had not been enabled. Personally, if you want to try it out and accept that there maybe things you would need to learn along the way, then enable it and it will be a new learning experience.
SomeWhereOverTheRainBow
Part of the Furniture
@Kingp1n The biggest proponent for enabling ipv6 is also its biggest proponent against enabling it. That is why it is hard to say yay or nay on whether it should be enabled. It is truly a personal choice. Just remember that one day it might not be a choice at all. So it might be more prudent to learn about using ipv6 now than down the road when it might be forced.
Tech9
Part of the Furniture
Yes, I do. We had a long discussion of pros and cons.
Dual Stack home network pros and cons
Here, let's discuss the pros and cons of dual stack IPv4 and IPv6 home network. I personally have IPv6 disabled on my firewall for easier control and security reasons. My ISP provides 2x external IPv4 addresses as well as 4x IPv6 addresses. I would like to hear the benefits of running dual...
www.snbforums.com
Correct. The same applies to other firmware options. If disabled by default - there is a reason.
Similar threads
Similar threads
-
scMerlin Is this feature enabled by default in scMerlin?
- Started by lenovomen
- Replies: 2
-
Unbound Use unbound/router as default DNS server
- Started by BeachGuy
- Replies: 2
-
Skynet I have installed the skynet firewall how do I configure it if the security of iot devices is important?
- Started by lenovomen
- Replies: 2
-
-
Skynet SkyNet/Firewall blocking all ping requests, including outbound
- Started by nearlyheadlessarvie
- Replies: 6
-
