maltrail
hosts
Our great sponsors
maltrail | hosts | |
---|---|---|
5 | 306 | |
5,731 | 25,413 | |
- | - | |
10.0 | 9.5 | |
6 days ago | 10 days ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
maltrail
-
Maltrail: Malicious traffic detection system
I just wanted to tell you about Maltrail (https://github.com/stamparm/maltrail/).
-
Is Maltrait worth the trouble?
Yes, MT had OOM on *BSD, because of python-pcapy module, which is currently unmaintained. So, the fork was done and python-pcapy-ng becomes actual module for MT, which fixed OOM and now MT works OK for *BSD-line: [1] https://github.com/stamparm/maltrail/issues/19056 [2] https://github.com/stamparm/maltrail/issues/16710 [3] py-pcapy-ng on Fresh Ports: https://www.freshports.org/net/py-pcapy-ng/ Also /requirement.txt file was modified for MT to avoid installing python-pcapy instead of python-pcapy-ng: [4] https://github.com/stamparm/maltrail/commit/2aa2da5ba5c332ddd106020290926d1fdfd0f8b2 Despite on all it, some mass-medias keep saying that python-pcapy is required for MT to work. No, just python-pcapy-ng. "Given everything is now encrypted, does anyone know if it is still effective?" <-- IDS (MT is the IDS itself) is passive detection, it doesn't provide the prevention actions. MT can use blocking mechanism, they are describes for Linux: https://github.com/stamparm/maltrail/wiki/Miscellaneous#1-setting-up-maltrail-as-an-intrusion-prevention-system-ips . If some can describe mechanism for MT on *BSD-line, that would be nice. Anyway would be thankful, if you provide details on missing ransomware. Perhaps, it is needed to update network IoCs, if ransomware comprometation was via network. Thank you! "Are the signatures reasonably up to date?" <-- trying to be up-to-dated: https://github.com/stamparm/maltrail/commits/master
-
Low resource alternative to Security Onion
Security Onion is a suite of tools, but if you just want visibility into things happening on your perimeter with Fail2ban style mitigation check out MalTrail. https://github.com/stamparm/MalTrail
-
Having Problems Using Wire? That's Because Wire Domains Are Ending Up In NextDNS Threat Intelligence Blocklists!
The Threat Intelligence Feeds have multiple upstream sources, see https://github.com/nextdns/metadata/blob/master/security/threat-intelligence-feeds.json. In this case, Maltrail Blacklist seems to have included this domain. You can report this directly to that maintainer here: https://github.com/stamparm/maltrail/issues
-
How do you run self-hosted software?
last docker discovery : maltrail (https://github.com/stamparm/maltrail , about to be moved from VM to docker)
hosts
-
Does PiHole block porn?
Not by default but a blocklist can be found here https://github.com/StevenBlack/hosts
-
Steven Black DNS blocklist blocked gstatic.com
While it is now unblocked, the Steven Black list has been blocking a lot of innocent CDNs.
jQuery: https://github.com/StevenBlack/hosts/issues/2520
-
Open Source Ad Blocker for Mac, Windows, and Linux
How does this compare to using a hosts file with known ad servers?
like: https://github.com/StevenBlack/hosts
-
Show HN: YouTube banned adblockers so I built an extension to skip their ads
I use the Hosts file to block a ton of ads and that works really well. https://github.com/StevenBlack/hosts Something worth considering if your ad blocker isn't working well.
-
Big things are happening with RaspAP's Ad Blocking 🛑 Users will soon have more blocklist sources to choose from
The no-tracking project used by RaspAP is shutting down, so we took the opportunity to search for open source blocklist alternatives. Among the best is Steven Black's hosts list: https://github.com/StevenBlack/hosts
-
Radar Maps: $0.50 per 1K map loads
No idea, api.radar.io is on the block list since January 2020.
The commit's comment is "major update from adaway.org"
https://github.com/stevenblack/hosts/commit/4fa0470
-
Browser extensions spy on you, even if its developers don't
You can also use a declarative adblocker like uBlock Origin Lite [1], which only provides the browser with a list of elements to filter, but doesn't have any permissions to read content or perform requests. Or simply use your hosts file to apply OS-wide filtering with no browser add-ons needed: https://github.com/StevenBlack/hosts
Be aware that if you use these "passive" blocking methods, there are some sites like YouTube where you will see ads, because in these cases it's necessary to actually manipulate page content to hide them. What you can do is use a traditional adblocker but enable it only for these few sites where the declarative approach is not enough, take a look at [2] for more details.
[1] https://github.com/uBlockOrigin/uBOL-home
[2] https://seirdy.one/posts/2022/06/04/layered-content-blocking...
-
I installed Firefox + uBlock Origin like everyone suggested in my previous post, but this pop-up still appears, now with a 5 sec timer.
https://github.com/StevenBlack/hosts if you want to do it on your PC.
- “We have nothing to do with ads ” (2021)
-
[Paid Release]CCAdsBeGone - Customized Ads Blocking At Your Fingertips
When I select my custom hosts file, it basically breaks internet. However, if I choose a custom hosts file that is a copy of the dev's default, or if I just add a few lines to it, it will work. If I add too many lines, or use a different hosts file altogether (like the ones recommended by the dev), all connectivity breaks. Of course the latest official LetMeBlock is installed and mDNSResponder killed/restarted. I'm using Dopamine on A12+.
What are some alternatives?
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
blitz-app-adblock - Simple and quick patcher that blocks ads/trackers on the Blitz.gg desktop application.
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
uBlock - uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
rpi-appliance-monitor - Device to monitor appliances that vibrate, such as clothes dryers or garage door openers
shallalist - DISCONTINUED!!! - Unpacked ShallaList Repo
community - Volatility plugins developed and maintained by the community
easylist - EasyList filter subscription (EasyList, EasyPrivacy, EasyList Cookie, Fanboy's Social/Annoyances/Notifications Blocking List)
MalConfScan - Volatility plugin for extracts configuration data of known malware
Pi-hole - A black hole for Internet advertisements
pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
hosts-blocklists - Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage