What's new

Skynet Is default firewall good enough?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I typically run a check against it's IP on AlienVault if something looks suspicious or just to spot check...

I typically do such if I find something not regularly blocked is now being blocked.
 
Can you add the steps on adding this list within Skynet? Also, if I would like to go back the skynet default list, would it be easy to do so? I appreciate it.
Okay under skynet menu

Select malware-blacklist (option 3)
And then option(2) for change filter list
Copy and paste the hyper-link.
Then go back into malware-blacklist option (3) from the main skynet menu and run the option to update.

A similar process is done to switch back to the default using the default filter list hyperlink.
 
It can still happen. Happened to me with certain domains without doing any country blocking.
I imagine anything is possible when doing country blocking. When it is easy enough for someone to look suspiciously at a nameserver because of its heavy influx of traffic every day and false report it. I have seen such happen as well. I imagine with country blocking, instead of playing pin the tail on the donkey like we are with false reports, we are playing where is carmen sandiago with whatever country to test-unblock next.
 
pfBlockerNG on pfSense in my case.

You have to use custom blocking list in Skynet. The default is this one:


What we use is this one only:


And a description what it is here:

How to remove the default list? Is it exclude the list one by one?
 
I think post 43 tells all.
Following those steps changes (replaces) the default list to be the one you want? :)
Meaning I can only add a single url list, and this will overwrite the existing default lists?
I check /mnt/amtm/skynet/lists the default lists are still there. How do I know if the default list is active or not?
 
Meaning I can only add a single url list, and this will overwrite the existing default lists?
I check /mnt/amtm/skynet/lists the default lists are still there. How do I know if the default list is active or not?
Skynet ‘option2’ says “change list”, so I assumed that happens.
I used the list in post 32, & my no. of ip’s blocked went from about 40k to over 250k. I guess it worked!
 
Apologies for waking up an older thread.

I use IPv4 + IPv6.
Skynet ‘appears‘ to do it’s good work via ipv4 only. (Please confirm).
Is there any point in using Skynet on an IPv6 enabled network?
 
Is there any point in using Skynet on an IPv6 enabled network?
Are there any IPv6 blocklists published anywhere? The vastness of IPv6 address space makes it easier for you to be a needle in the haystack, but same for the bad guys.

We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet. :)
 
We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet. :)

Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now. :)
 
Last edited:
Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now. :)
@Tech9

I have to ask....do you have a link I can go check to see why you don't recommend having IPV6 enabled?

I currently don't have it enabled but just curious what you know or knowledge against is. ..I appreciate it.
 
@Tech9

I have to ask....do you have a link I can go check to see why you don't recommend having IPV6 enabled?

I currently don't have it enabled but just curious what you know or knowledge against is. ..I appreciate it.
@Kingp1n I don't necessarily believe his stance is against enabling ipv6. It seems more of the prudent approach to not enable it if it is not needed. For the uneducated it would potentially create one more layer or problem for the user to have to overcome when nothing would have otherwise became broken if it had not been enabled. Personally, if you want to try it out and accept that there maybe things you would need to learn along the way, then enable it and it will be a new learning experience.
 
@Kingp1n The biggest proponent for enabling ipv6 is also its biggest proponent against enabling it. That is why it is hard to say yay or nay on whether it should be enabled. It is truly a personal choice. Just remember that one day it might not be a choice at all. So it might be more prudent to learn about using ipv6 now than down the road when it might be forced.
 
I have to ask....do you have a link

Yes, I do. We had a long discussion of pros and cons.


It seems more of the prudent approach to not enable it if it is not needed.

Correct. The same applies to other firmware options. If disabled by default - there is a reason.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top