search

fabriziosalmi / blacklists

Hourly updated domains blacklist 🚫
https://github.com/fabriziosalmi/blacklists/releases/download/latest/blacklist.txt
GNU General Public License v3.0
117 stars 5 forks source link

Integrations #52

Closed fabriziosalmi closed 3 months ago

fabriziosalmi commented 12 months ago

A list of software and solutions that can integrate and enforce domain-based (FQDN) blacklists like blacklist.txt includes:

  1. DNS Servers/Resolvers:

    • BIND9: As discussed earlier, you can use RPZ (Response Policy Zones) to enforce domain-based blacklisting.
    • PowerDNS: Supports RPZ and can enforce domain-based blacklisting.
    • Unbound: Can use domain blacklists directly to block unwanted domains.
    • Pi-hole: An open-source DNS sinkhole that can be fed with domain-based blacklists to block ads and trackers at the DNS level.

  2. Web Proxies:

    • Squid: This caching and forwarding web proxy can integrate domain-based blacklists to block access to specific sites.
    • Privoxy: A non-caching web proxy that can be combined with Tor. It can be fed with domain blacklists.

  3. Web Content Filters:

    • DansGuardian (now E2Guardian): Filters web access and can be combined with Squid. It supports domain-based blacklists.
    • URLFilterDB: Can integrate with the Squid web proxy and uses domain blacklists.

  4. Firewalls & Unified Threat Management (UTM) Solutions:

    • pfSense: An open-source firewall and router. With packages like pfBlockerNG, it can integrate domain-based blacklists.
    • OPNsense: A fork of pfSense. It can also integrate domain-based blacklists with certain plugins.
    • Endian Firewall: A UTM solution that can use domain blacklists to block access to specific sites.
    • Sophos UTM: Commercial solution with web filtering capabilities that can potentially integrate custom domain blacklists.

  5. Next-gen Firewalls & Security Solutions:

    • Palo Alto Networks: Their NGFWs can integrate custom domain blacklists.
    • Fortinet: Their FortiGate NGFWs can be fed with custom domain blacklists for web filtering.
    • Cisco Firepower/ASA with FirePOWER: Can use domain-based blacklists for web filtering.

  6. SIEM Solutions:

    • Splunk: With its security plugins, you can integrate domain-based blacklists and get alerted on matches.
    • ELK Stack (Elasticsearch, Logstash, Kibana): Can integrate domain-based blacklists and visualize/access logs based on hits.

  7. Threat Intelligence Platforms:

    • MISP (Malware Information Sharing Platform & Threat Sharing): Can integrate domain-based indicators of compromise.

  8. Endpoint Protection:

    • Next-Gen Antivirus solutions: Many modern antivirus solutions allow for the integration of custom blacklists, including domain names.

[...]