add new lists - Githubissues

https://hblock.molinero.xyz/hosts_rpz.txt https://hblock.molinero.xyz/hosts_unbound.conf https://hblock.molinero.xyz/hosts_dnsmasq.conf https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/rpz.blacklist https://github.com/ngosang/trackerslist/blob/master/trackers_all.txt https://github.com/ngosang/trackerslist/blob/master/blacklist.txt

collinbarrett commented 5 years ago

no worries, that shouldn't break anything. we can clean it up in another PR
man, not sure at first glance. syntax isn't a required field, so we can leave them off for now if we can't determine.

DandelionSprout commented 5 years ago

If my memory doesn't play tricks on me, here's my notes about some of the lists:

Already added:

Mere mirrors:

https://hexxiumcreations.github.io/threat-list/hexxiumthreatlist.txt (Mirror of "Hexxium Creations Threat List")

Useless:

http://www.malware-domains.com/files/ (Only contains ZIP files)
https://github.com/Dawsey21/Lists (Outdated versions of Spam404)

Other:

https://github.com/CHEF-KOCH/BarbBlock-filter-list (Believed to be a questionable and/or superfluous derivative of the official BarbBlock list, although not licence-breaking as such)

Most, if not all of the rest of the lists, are however solid candidates for being added.

bogachenko commented 5 years ago

@collinbarrett

https://github.com/CHEF-KOCH/BarbBlock-filter-list

Uh, there's no problem with this list? He (for sure) stole it somewhere and gives out for his work... After a month, the other would again have to remove, lol. It's monkey bussines.

ghost commented 5 years ago

The person who’s attached his name to the (not)BarbBlock list in question additionally makes outright false claims regarding the original BarbBlock repository. The problem is that the public has a habit of not doing research and merely reads, sees links, and believes.

bogachenko commented 5 years ago

First of all. these are assumptions.

He (for sure) stole it somewhere and gives out for his work... (for sure)

Okay? Secondly. Reputation is something that cannot be bought! Yeah. When a person steals something and is caught on it, his reputation falls. And the next time when something disappears, they go to this person. soooo this cook ~(cock)~ was caught stealing many many many many times. (much of his plagiarism is still stored and not removed, yeah), so my concerns are quite understandable.

and therefore (it seems to me, I emphasize the phrase - it seems to me!) and this repository will be caught stealing, it is only a matter of time.

collinbarrett commented 5 years ago

Thanks, I just removed the two CK lists from the OP. That was just a big dump of lists that came in via email anonymously. I hadn't had a chance to parse through them yet.

Atavic commented 5 years ago

@bogachenko

what is the syntax?

https://hblock.molinero.xyz/hosts_rpz.txt

It's for: isc bind

https://hblock.molinero.xyz/hosts_unbound.conf

For: unbound

https://hblock.molinero.xyz/hosts_dnsmasq.conf

dnsmask

https://raw.githubusercontent.com/ookangzheng/blahdns/master/hosts/rpz.blacklist

isc bind

https://github.com/ngosang/trackerslist/blob/master/trackers_all.txt https://github.com/ngosang/trackerslist/blob/master/blacklist.txt

These are Torrent Trackers URLs + comment to be imported in torrent clients as Transmission. See: https://github.com/transmission/transmission/issues/796

bogachenko commented 5 years ago

Well, there is no such

unbound isc bind

It would be necessary to add in the future. But all exactly thanks @Atavic

bogachenko commented 5 years ago

so

~>Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/domains as back up to https://hosts.ubuntu101.co.za/domains.list~ ~>Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/ips as back up to https://hosts.ubuntu101.co.za/ips.list~ ~>Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/hosts as back up to https://hosts.ubuntu101.co.za/hosts~

~Should I set it up like a mirror? "viewUrlMirror1": ""~ ~URL github.com it's just not a RAW file~

~> https://github.com/mitchellkrogza/Fail2Ban.WebExploits/blob/master/input-source/exploits.list~

~What is the syntax? Is it a URL?~

~> https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/superhosts.deny~

~how i can to add it? Part 1, Part 2, Part N ... or what? lol~ ~https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist#raw-file-sources Is there a RAW file here, should I add only deny?~

http://dsi.ut-capitole.fr/blacklists/download/ http://malwaredomains.lehigh.edu/files/

no no no no no

https://raw.githubusercontent.com/ruvelro/Halt-and-Block-Mining/master/HBmining.bat

*.bat? rly?

~> https://gutl.jovenclub.cu/wp-content/uploads/2017/05/blacklist.txt~

~404~

~> https://www.badips.com/info~

~uh????~

Atavic commented 5 years ago

What is the syntax?

Fail2ban blocks failed attempts at logins. Web Exploits are known sensitive files in webservers and other internet related services that crawlers or scrapers try to brute force or log into. At the bottom there are workpress plugins related sensitive files that admins should lock from unknown visitors.

https://www.badips.com/info

See: http://www.timokorthals.de/?p=334

bogachenko commented 5 years ago

@Atavic

https://www.badips.com/info See: http://www.timokorthals.de/?p=334

I know this is IPs. I'm talking about the fact that there is no RAW, how to subscribe?

Fail2ban blocks failed attempts at logins. Web Exploits are known sensitive files in webservers and other internet related services that crawlers or scrapers try to brute force or log into. At the bottom there are workpress plugins related sensitive files that admins should lock from unknown visitors.

so, what is the syntax?

Atavic commented 5 years ago

BadIPs should have an API for interfacing with the huge list.

Fail2ban Webexploits list has no syntax, it's just a blacklist that's read by Fail2ban service.

bogachenko commented 5 years ago

ok as you say i will add

bogachenko commented 5 years ago

@collinbarrett

Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/domains as back up to https://hosts.ubuntu101.co.za/domains.list Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/ips as back up to https://hosts.ubuntu101.co.za/ips.list Add https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/hosts as back up to https://hosts.ubuntu101.co.za/hosts Should I set it up like a mirror? "viewUrlMirror1": "" URL github.com it's just not a RAW file

collinbarrett commented 5 years ago

Hmm. No, mirrors should have the same syntax. Historically, we've treated the same list in different syntaxes as different lists entirely. It seems like we should link them better, but, for now, just treat them as separate lists.

bogachenko commented 5 years ago

@collinbarrett and how to add them? Part One, Part Two, Part Dick Know What? There are many such lists. but if necessary I will add.

collinbarrett commented 5 years ago

Let's append"Hosts", "IPs", etc. to the end of the list name to differentiate. Thanks.

bogachenko commented 5 years ago

@collinbarrett

Let's append"Hosts", "IPs", etc. to the end of the list name to differentiate. Thanks.

this is an ambiguous answer. um. the difficulties of translation from me? um.

like this?

  {
    "id": --,
    "description": "texttextetxtettttttxtetxt.",
    "homeUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/hosts",
    "issuesUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/issues",
    "name": "Ultimate Hosts Blacklist HOSTS0 mitchellkrogza",
    "syntaxId": --,
    "viewUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/blob/master/hosts/hosts0"
  }

or this (viewUrl its not RAW)

  {
    "id": --,
    "description": "texttextetxtettttttxtetxt.",
    "homeUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/hosts",
    "issuesUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/issues",
    "name": "Ultimate Hosts Blacklist HOSTS mitchellkrogza",
    "syntaxId": --,
    "viewUrl": "github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/tree/master/hosts"
  }

collinbarrett commented 5 years ago

Oh, I just now noticed that these are multi-part lists (Hosts0, Hosts1, etc.). We haven't solved #503 yet.

Hmm... For now, let's just link to the first part of each list. So, something like:

  {
    ...
    "name": "Ultimate Hosts Blacklist Hosts",
    "viewUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/blob/master/hosts/hosts0"
    ...
  },
  {
    ...
    "name": "Ultimate Hosts Blacklist IPs",
    "viewUrl": "https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist/raw/master/ips/ips0.list"
    ...
  }

bogachenko commented 5 years ago

okay captain, I'll do it now.

bogachenko commented 5 years ago

@collinbarrett

http://dsi.ut-capitole.fr/blacklists/download/ http://malwaredomains.lehigh.edu/files/ no no no no no https://raw.githubusercontent.com/ruvelro/Halt-and-Block-Mining/master/HBmining.bat *.bat? rly?

collinbarrett commented 5 years ago

I'm not totally sure what your question is, but feel free to just not add any lists that you don't think are useful or are too hard to add to the current data model. Also, see #19 for that first url.

bogachenko commented 5 years ago

@collinbarrett The question was what is it? ok no matter I just will not add.

Last ~(rhetorical) question~ word.

these lists:

https://github.com/Ultimate-Hosts-Blacklist/smed79_parkingcrew.com/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/SMed79_admeasures_adservers/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/SMed79_uponit.com_adservers/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/smed79_getadmiral.com/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/SMed79_hilltopads_adservers/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/smed79_propellerads_adservers/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/smed79_popads_adservers/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/smed79_blocklist_facebook/tree/master/output/domains

https://github.com/Ultimate-Hosts-Blacklist/SMed79_assorted/tree/master/output/domains

generated in

https://hosts.ubuntu101.co.za/hosts
https://hosts.ubuntu101.co.za/domains.list
https://hosts.ubuntu101.co.za/ips.list

I will not add them. If you needed, full speed ahead!

collinbarrett / FilterLists

add new lists #709