search

hagezi / dns-blocklists

DNS-Blocklists: For a better internet - keep the internet clean!
GNU General Public License v3.0
6.18k stars 209 forks source link

The Threat Intelligence (TIF) list seems to have some wrong domains looking like "hosts" entries #1508

Closed cbuijs closed 1 year ago

cbuijs commented 1 year ago

It is about this list (TIF): https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/tif-onlydomains.txt

Above list contains more than 200 entries that seems to be coming/sourced from a "hosts" file that is missing a space/blank between IP-Addres (0.0.0.0) and the domain name.

Couple of examples:

...
0.0.0.0stratum.wemineftc.com
0.0.0.0alexzver33.wix.com
0.0.0.0bitcoinp2pool.zapto.org
0.0.0.0cpumining.zapto.org
0.0.0.0dyngepeng.zapto.org
0.0.0.0fpool1.zapto.org
0.0.0.0litecoinp2pool.zapto.org
0.0.0.0p2poolchina.zapto.org
0.0.0.0trossmining.zapto.org
0.0.0.0trtl-moria.zapto.org
0.0.0.0updatewindows.zapto.org
0.0.0.0zwembad.zapto.org
0.0.0.0play.anyname.zelfo.pw
0.0.0.0dzpr.zzszgz.com
0.0.0.0pbsb.zzszgz.com
...

Potentially not having any effect and not blocking the real domain-name with the IP-Address attached, which could be a risk.

hagezi commented 1 year ago

@cbuijs Thanks, fixed on next update.

cbuijs commented 1 year ago

Cool! Thanks!

hagezi commented 1 year ago

ping @olbat via: https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/cryptojacking/domains