Browse Source

Start blacklist collection

master
Jon Foster 2 months ago
parent
commit
8e24e716e5
2 changed files with 253 additions and 0 deletions
  1. +67
    -0
      blacklists/README.md
  2. +186
    -0
      blacklists/hosts

+ 67
- 0
blacklists/README.md View File

@@ -0,0 +1,67 @@
ChipMaster's Black Lists
========================

These are provided simply for the curious. I'm actively using these
lists to block traffic I don't want happening. I'm very militant
about traffic on my network. I don't want my computers doing anything
I didn't ask it to do. So I block for the following reasons:

1. I find a program reaching out across the net when there is no visual
reason for them to do so. This could be any number of things
like: update servers, feature use tracking, DRM tracking, ...

2. Website advertisers: IMO these are particularly nasty. Its not
that I necessarily have anything against a site funding itself
with ads. Although some sites are rude in how they place them or
they perform rude, malware like actions. But the **REAL** risk,
as far as I'm concerned, is that many cyber-thugs use ad services
to distribute malware. Unfortunately the ad services don't seem
to have any interest in vetting their scuzz.

3. Some host names are specifically used for tracking, like "g00gle
analytics". I have nothing against a site owner wanting to know
how their site is being used. All of us, with websites, want to
know how popular the site is and specifically which pages are the
most viewed and common occurring browse patterns, to tell us how
we may be able to better our sites. But off-site trackers slow
down my browsing experience and someone as massive as g00gle can
aggregate this with a lot of other data sources to learn and sell
waaay too much about me.

4. I want to deliberately block updates. Although as a Linux user
that's not usually my concern. But I do it for clients to prevent
M$ and others from breaking stuff. I also do it so I won't be
constantly hounded by "I can't update" or "there is a new
version" messages.

5. Unknown traffic being generated by device X, like Android
devices. What on earth are they busy chattering about? That's
malware like activity. Or maybe its **real** malware activity?
=-O

6. Some location was causing me to _wait_. Common examples are the
"like" buttons for major social networks. The off-site hosted
code is either large, on a slow server or behaving in suspicious
manner like taking too much CPU power. I've had some of those
literally lock a machine up until I kill them. If nothing else
this is extremely poor coding but it could be worse.

7. I just don't know what its for and I notice nothing wrong when I
block it. :-D

8. Something in its behavior alerts me to potential danger.

And there are other reasons something might tweak me funny and I say,
"That's enough of that."

All of that to say that the things I'm blocking might not actually be
_bad_ but they annoy me for one reason or another and it may just be
a philosophical disagreement on my part. But think about the enormous
amount of browsing information that can be accumulated by g00gle
simply hosting popular JavaScript libraries and then linking that to
your g00gle login...

Use any of this at your own peril.

- ChipMaster


+ 186
- 0
blacklists/hosts View File

@@ -0,0 +1,186 @@
# ChipMaster's DNS (/etc/hosts) Black List
# Written by Jonathan A. Foster <ChipMaster@YeOlPiShack.net>
# Started April 24th, 2021
#
# To block these just paste them into "/etc/hosts". The oddball IP
# address is so its to see that I blocked the host name. Being a
# local address means it fails quickly. One could even setup a local
# web server on this address for way more fun! I serve this list to
# my whole network with "dnsmasq". If you are running IPv6 You will
# Need to dupe the list with IPv6 local addresses like ::1.

127.0.0.255 16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co
127.0.0.255 aa.agkn.com
127.0.0.255 aax-us-east.amazon-adsystem.com
127.0.0.255 accounts.google.com
127.0.0.255 adservice.google.com
127.0.0.255 alt1.mobile-gtalk.l.google.com
127.0.0.255 alt2.mobile-gtalk4.l.google.com
127.0.0.255 alt3.mobile-gtalk.l.google.com
127.0.0.255 alt4.mobile-gtalk4.l.google.com
127.0.0.255 alt5.mobile-gtalk.l.google.com
127.0.0.255 alt6.mobile-gtalk4.l.google.com
127.0.0.255 alt7.mobile-gtalk.l.google.com
127.0.0.255 alt8.mobile-gtalk4.l.google.com
127.0.0.255 analytics.supplyframe.akadns.net
127.0.0.255 android.googleapis.com
127.0.0.255 android.l.google.com
127.0.0.255 api.amplitude.com
127.0.0.255 api.permutive.com
127.0.0.255 api-v3.tinypass.com
127.0.0.255 autopush.prod.mozaws.net
127.0.0.255 bcp.crwdcntrl.net
127.0.0.255 bttrack.com
127.0.0.255 ccpa.sp-prod.net
127.0.0.255 cdn.cookielaw.org
127.0.0.255 cdn.globalsigncdn.com.cdn.cloudflare.net
127.0.0.255 cds.taboola.com
127.0.0.255 clients.l.google.com
127.0.0.255 cm.g.doubleclick.net
127.0.0.255 comcluster.cxense.com
127.0.0.255 connect.scroll.com
127.0.0.255 deviceintegritytokens-pa.googleapis.com
127.0.0.255 dorpat.geo.iponweb.net
127.0.0.255 e1.emxdgt.com
# Kindle?
127.0.0.255 elb-p-gld-ew1-1592297853.eu-west-1.elb.amazonaws.com
127.0.0.255 ei.rlcdn.com
127.0.0.255 embed.tawk.to
127.0.0.255 experience.tinypass.com
127.0.0.255 fcmatch.google.com
127.0.0.255 firefox.settings.services.mozilla.com
127.0.0.255 firestore.googleapis.com
127.0.0.255 fls-na.amazon-adsystem.com
127.0.0.255 footprints-pa.googleapis.com
127.0.0.255 fpa-events-slate-com.parsely.com
127.0.0.255 fulcrum-antenna.imhd.io
127.0.0.255 g.ezoic.net
127.0.0.255 geolocation.onetrust.com
127.0.0.255 gixel.gnetwork.me
127.0.0.255 google.com
127.0.0.255 googleads.g.doubleclick.net
127.0.0.255 gstaticadssl.l.google.com
127.0.0.255 history.l.google.com
127.0.0.255 ib.anycast.adnxs.com
127.0.0.255 id.tinypass.com
127.0.0.255 id5-sync.com
127.0.0.255 idaas-ext.cph.liveintent.com
127.0.0.255 idsync.rlcdn.com
127.0.0.255 in.treasuredata.com
127.0.0.255 in-live.live.eks.hotjar.com
127.0.0.255 inbox.google.com
127.0.0.255 jetpack.wordpress.com
127.0.0.255 la-vip001.taboola.com
127.0.0.255 lamssettings-pa.googleapis.com
127.0.0.255 live.mozillamessaging.com
127.0.0.255 mclients.googleapis.com
127.0.0.255 message-iad.sp-prod.net
127.0.0.255 mobile-gtalk.l.google.com
127.0.0.255 mwzeom.zeotap.com
127.0.0.255 normandy-cdn.services.mozilla.com
127.0.0.255 ocsp.godaddy.com.akadns.net
127.0.0.255 onesignal.com
127.0.0.255 p1.parsely.com
127.0.0.255 partnerad.l.doubleclick.net
127.0.0.255 people-pa.googleapis.com
127.0.0.255 photos-ugc.l.googleusercontent.com
127.0.0.255 pippio.com
127.0.0.255 pki-goog.l.google.com
127.0.0.255 playatoms-pa.googleapis.com
127.0.0.255 play.googleapis.com
127.0.0.255 play-lh.googleusercontent.com
127.0.0.255 prod.balrog.prod.cloudops.mozgcp.net
127.0.0.255 prod-ash-usermatch-1919559762.us-east-1.elb.amazonaws.com
127.0.0.255 prod-classifyclient.normandy.prod.cloudops.mozgcp.net
127.0.0.255 prod.detectportal.prod.cloudops.mozgcp.net
127.0.0.255 prod.pocket.prod.cloudops.mozgcp.net
# Not sure what this host is used for.
127.0.0.255 proxyserverecs-1736642167.us-east-1.elb.amazonaws.com
127.0.0.255 public-api.wordpress.com
127.0.0.255 r1.sn-cxoqcc-gqhe.googlevideo.com
127.0.0.255 r1.sn-cxoqcc-gqhl.googlevideo.com
127.0.0.255 r1.sn-nx57ynse.googlevideo.com
127.0.0.255 r2.sn-cxoqcc-gqhe.googlevideo.com
127.0.0.255 r2.sn-cxoqcc-gqhl.googlevideo.com
127.0.0.255 r3.sn-5uaezn6r.googlevideo.com
127.0.0.255 rtb-csync-tmk.smartadserver.com
127.0.0.255 s0.wp.com
127.0.0.255 safebrowsing.googleapis.com
127.0.0.255 sb-ssl.l.google.com
127.0.0.255 scontent.xx.fbcdn.net
127.0.0.255 script.hotjar.com
127.0.0.255 search.r53-2.services.mozilla.com
127.0.0.255 services.prod.mozaws.net
127.0.0.255 shavar.prod.mozaws.net
127.0.0.255 sjc-bh-bgp.contextweb.com
127.0.0.255 ssl-google-analytics.l.google.com
127.0.0.255 star-mini.c10r.facebook.com
127.0.0.255 stats.wp.com
127.0.0.255 storage.googleapis.com
127.0.0.255 sync.crwdcntrl.net
127.0.0.255 sync.intentiq.com
127.0.0.255 tagr-gcp-odr-use1.mookie1.com
127.0.0.255 tags.crwdcntrl.net
127.0.0.255 telemetrics.klaviyo.com
127.0.0.255 thrtle.com
127.0.0.255 tls13.taboola.map.fastly.net
127.0.0.255 tpc.googlesyndication.com
127.0.0.255 track.adformnet.akadns.net
127.0.0.255 u.openx.net
127.0.0.255 us-odc.samsungapps.com.cdngc.net
127.0.0.255 va.tawk.to
127.0.0.255 vars.hotjar.com
127.0.0.255 vc-live-cf.hotjar.io
127.0.0.255 versioncheck.prod.mozaws.net
127.0.0.255 voledevice-pa.googleapis.com
127.0.0.255 vsb10.tawk.to
127.0.0.255 vsb46.tawk.to
127.0.0.255 widget.da1.vip.prod.criteo.com
127.0.0.255 widgetdata.tradingview.com
127.0.0.255 widgets.outbrain.com
127.0.0.255 ws-eu.assoc-amazon.com
127.0.0.255 www4.l.google.com
127.0.0.255 www.assoc-amazon.co.uk
127.0.0.255 www.googleadservices.com
127.0.0.255 www.googleapis.com
127.0.0.255 www.google-analytics.com google-analytics.com
127.0.0.255 www.googletagmanager.com googletagmanager.com
127.0.0.255 www.npttech.com
127.0.0.255 x.bidswitch.net
127.0.0.255 widget-pixels.outbrain.com
127.0.0.255 tcheck.outbrainimg.com
127.0.0.255 log.outbrainimg.com
127.0.0.255 load.sumo.com
127.0.0.255 www.sumo.com
127.0.0.255 sumo.com
127.0.0.255 s7.addthis.com
127.0.0.255 my.hellobar.com
127.0.0.255 connect.facebook.net
127.0.0.255 v1.addthisedge.com
127.0.0.255 m.addthis.com
127.0.0.255 api-public.addthis.com
127.0.0.255 cdn.pushcrew.com
127.0.0.255 platform.twitter.com
127.0.0.255 httpworldisraelnewscom.disqus.com
127.0.0.255 disqus.com
127.0.0.255 referrer.disqus.com
127.0.0.255 c.disquscdn.com
127.0.0.255 syndication.twitter.com
127.0.0.255 realtime.services.disqus.com
127.0.0.255 cdn.syndication.twimg.com
127.0.0.255 pbs.twimg.com
127.0.0.255 ton.twimg.com
127.0.0.255 glitter.services.disqus.com

# Some sites break without these
#127.0.0.255 ajax.googleapis.com
#127.0.0.255 apis.google.com
#127.0.0.255 fonts.googleapis.com
#127.0.0.255 fonts.gstatic.com
# Even though I don't use g00gle.com seems they CDN stuff from here.
#127.0.0.255 www.google.com
#127.0.0.255 www.gstatic.com
# apis.google.com CNAME points here
#127.0.0.255 plus.l.google.com
# Do I want to Block?
#127.0.0.255 maps.googleapis.com

Loading…
Cancel
Save