Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Serious security question ... is your black hole bigger than mine?
Message
<blockquote data-quote="Lenny_Fox" data-source="post: 918277" data-attributes="member: 82776"><p>To all members adding URL blacklists in UTM-fw-router, pi-holes and u-Block-plussers I am challenging them: are you sure your black hole is bigger than mine?</p><p></p><p>Have a look at the blacklists I have piled up using a DNS - Browser build-in and just one (optional) extension.</p><p></p><ol> <li data-xf-list-type="ol">Use Quad9 as DNS service (already predefined in Edge Chromium)<br /> Quad9 DNS has three massive DNS sources. 2 antivirus sources, 1 corporate threat detection (e.g. for ransomware/spear phishing), 1 botnet and 1 spam.<br /> The documentation of Quad9 I could find mentions some of the initial partners: I have made the ones with large blocklists bold: <strong>IBM’s X-Force, Abuse.ch</strong>, Anti-Phishing Working Group (APWG), Bambenek Consulting,<strong> Cisco (Umbrella DNS network), F-Secure,</strong> mnemonic,<strong> Netlab (Passive DNS), Payload Security (Crowd Strike)</strong><em><strong> , </strong></em><strong>Proofpoint (email protection)</strong>, RiskIQ, and <strong>ThreatSTOP (MyDNS)</strong>.<br /> <br /> </li> <li data-xf-list-type="ol">Browser build-in blocklists (Edge Smartscreen - Chrome Safe Browsing)<br /> Since 2019 Smartscreen does not include your SID anymore. It stils sends the URL in plain text, but because it is send over HTTPS it is encrypted. So for MT-members with a a moderate form of compulsive malware paranoia disorder (CMPD), there is no reason to disable it anymore. Chrome's Safe Browsing pushes hashed lists to clients every half-hour, so while this is better in terms of privacy, the Chrome URL-blacklist on average is 15 minutes behind Edge cloud based only Smartscreen.<br /> <br /> </li> <li data-xf-list-type="ol">One malware protection extension of choice<br /> Based on this thread (<a href="https://malwaretips.com/threads/updated-29-12-2018-browser-extension-comparison-malwares-and-phishings.80915/" target="_blank">link</a>) I will grant MT-members an additional malware protection blocklist. Personally being a "less is more" fan, I am not adding any malware protection extension. Because I I am planning to enable HomeCare on my new TP-link AC4000 router, I added this option to level the playing field (so practically using one more URL-blacklist from TrendMicro in the router). When I interpret the results published by [USER=51905]@Evjl's Rain[/USER] correctly I would suggest<br /> a) Bitdefender Traffic light - when your main concern is Phishing<br /> b) Norton Safe Web - when your main concern is malware (will probably soon also include Avira's URL blacklist)<br /> c) Malwarebytes Browser Guard - good overall performer with adblocker</li> </ol><p></p><p>EDIT: just received new TP-link AC4000 router with Trend Micro home care. </p><p></p><p>So I ask all paranoid UTM-wallers, Pi-holers and u-Block-plussers do you seriously think your black hole is bigger than mine?</p></blockquote><p></p>
[QUOTE="Lenny_Fox, post: 918277, member: 82776"] To all members adding URL blacklists in UTM-fw-router, pi-holes and u-Block-plussers I am challenging them: are you sure your black hole is bigger than mine? Have a look at the blacklists I have piled up using a DNS - Browser build-in and just one (optional) extension. [LIST=1] [*]Use Quad9 as DNS service (already predefined in Edge Chromium) Quad9 DNS has three massive DNS sources. 2 antivirus sources, 1 corporate threat detection (e.g. for ransomware/spear phishing), 1 botnet and 1 spam. The documentation of Quad9 I could find mentions some of the initial partners: I have made the ones with large blocklists bold: [B]IBM’s X-Force, Abuse.ch[/B], Anti-Phishing Working Group (APWG), Bambenek Consulting,[B] Cisco (Umbrella DNS network), F-Secure,[/B] mnemonic,[B] Netlab (Passive DNS), Payload Security (Crowd Strike)[/B][I][B] , [/B][/I][B]Proofpoint (email protection)[/B], RiskIQ, and [B]ThreatSTOP (MyDNS)[/B]. [*]Browser build-in blocklists (Edge Smartscreen - Chrome Safe Browsing) Since 2019 Smartscreen does not include your SID anymore. It stils sends the URL in plain text, but because it is send over HTTPS it is encrypted. So for MT-members with a a moderate form of compulsive malware paranoia disorder (CMPD), there is no reason to disable it anymore. Chrome's Safe Browsing pushes hashed lists to clients every half-hour, so while this is better in terms of privacy, the Chrome URL-blacklist on average is 15 minutes behind Edge cloud based only Smartscreen. [*]One malware protection extension of choice Based on this thread ([URL='https://malwaretips.com/threads/updated-29-12-2018-browser-extension-comparison-malwares-and-phishings.80915/']link[/URL]) I will grant MT-members an additional malware protection blocklist. Personally being a "less is more" fan, I am not adding any malware protection extension. Because I I am planning to enable HomeCare on my new TP-link AC4000 router, I added this option to level the playing field (so practically using one more URL-blacklist from TrendMicro in the router). When I interpret the results published by [USER=51905]@Evjl's Rain[/USER] correctly I would suggest a) Bitdefender Traffic light - when your main concern is Phishing b) Norton Safe Web - when your main concern is malware (will probably soon also include Avira's URL blacklist) c) Malwarebytes Browser Guard - good overall performer with adblocker [/LIST] EDIT: just received new TP-link AC4000 router with Trend Micro home care. So I ask all paranoid UTM-wallers, Pi-holers and u-Block-plussers do you seriously think your black hole is bigger than mine? [/QUOTE]
Insert quotes…
Verification
Post reply
Top