diff --git a/blacklists/README.md b/blacklists/README.md new file mode 100644 index 0000000..6af029a --- /dev/null +++ b/blacklists/README.md @@ -0,0 +1,67 @@ +ChipMaster's Black Lists +======================== + +These are provided simply for the curious. I'm actively using these +lists to block traffic I don't want happening. I'm very militant +about traffic on my network. I don't want my computers doing anything +I didn't ask it to do. So I block for the following reasons: + + 1. I find a program reaching out across the net when there is no visual + reason for them to do so. This could be any number of things + like: update servers, feature use tracking, DRM tracking, ... + + 2. Website advertisers: IMO these are particularly nasty. Its not + that I necessarily have anything against a site funding itself + with ads. Although some sites are rude in how they place them or + they perform rude, malware like actions. But the **REAL** risk, + as far as I'm concerned, is that many cyber-thugs use ad services + to distribute malware. Unfortunately the ad services don't seem + to have any interest in vetting their scuzz. + + 3. Some host names are specifically used for tracking, like "g00gle + analytics". I have nothing against a site owner wanting to know + how their site is being used. All of us, with websites, want to + know how popular the site is and specifically which pages are the + most viewed and common occurring browse patterns, to tell us how + we may be able to better our sites. But off-site trackers slow + down my browsing experience and someone as massive as g00gle can + aggregate this with a lot of other data sources to learn and sell + waaay too much about me. + + 4. I want to deliberately block updates. Although as a Linux user + that's not usually my concern. But I do it for clients to prevent + M$ and others from breaking stuff. I also do it so I won't be + constantly hounded by "I can't update" or "there is a new + version" messages. + + 5. Unknown traffic being generated by device X, like Android + devices. What on earth are they busy chattering about? That's + malware like activity. Or maybe its **real** malware activity? + =-O + + 6. Some location was causing me to _wait_. Common examples are the + "like" buttons for major social networks. The off-site hosted + code is either large, on a slow server or behaving in suspicious + manner like taking too much CPU power. I've had some of those + literally lock a machine up until I kill them. If nothing else + this is extremely poor coding but it could be worse. + + 7. I just don't know what its for and I notice nothing wrong when I + block it. :-D + + 8. Something in its behavior alerts me to potential danger. + +And there are other reasons something might tweak me funny and I say, +"That's enough of that." + +All of that to say that the things I'm blocking might not actually be +_bad_ but they annoy me for one reason or another and it may just be +a philosophical disagreement on my part. But think about the enormous +amount of browsing information that can be accumulated by g00gle +simply hosting popular JavaScript libraries and then linking that to +your g00gle login... + +Use any of this at your own peril. + +- ChipMaster + diff --git a/blacklists/hosts b/blacklists/hosts new file mode 100644 index 0000000..ba2efc3 --- /dev/null +++ b/blacklists/hosts @@ -0,0 +1,186 @@ +# ChipMaster's DNS (/etc/hosts) Black List +# Written by Jonathan A. Foster +# Started April 24th, 2021 +# +# To block these just paste them into "/etc/hosts". The oddball IP +# address is so its to see that I blocked the host name. Being a +# local address means it fails quickly. One could even setup a local +# web server on this address for way more fun! I serve this list to +# my whole network with "dnsmasq". If you are running IPv6 You will +# Need to dupe the list with IPv6 local addresses like ::1. + +127.0.0.255 16d3bd5c-bf92-4bf0-815a-eac397d3aadf.prmutv.co +127.0.0.255 aa.agkn.com +127.0.0.255 aax-us-east.amazon-adsystem.com +127.0.0.255 accounts.google.com +127.0.0.255 adservice.google.com +127.0.0.255 alt1.mobile-gtalk.l.google.com +127.0.0.255 alt2.mobile-gtalk4.l.google.com +127.0.0.255 alt3.mobile-gtalk.l.google.com +127.0.0.255 alt4.mobile-gtalk4.l.google.com +127.0.0.255 alt5.mobile-gtalk.l.google.com +127.0.0.255 alt6.mobile-gtalk4.l.google.com +127.0.0.255 alt7.mobile-gtalk.l.google.com +127.0.0.255 alt8.mobile-gtalk4.l.google.com +127.0.0.255 analytics.supplyframe.akadns.net +127.0.0.255 android.googleapis.com +127.0.0.255 android.l.google.com +127.0.0.255 api.amplitude.com +127.0.0.255 api.permutive.com +127.0.0.255 api-v3.tinypass.com +127.0.0.255 autopush.prod.mozaws.net +127.0.0.255 bcp.crwdcntrl.net +127.0.0.255 bttrack.com +127.0.0.255 ccpa.sp-prod.net +127.0.0.255 cdn.cookielaw.org +127.0.0.255 cdn.globalsigncdn.com.cdn.cloudflare.net +127.0.0.255 cds.taboola.com +127.0.0.255 clients.l.google.com +127.0.0.255 cm.g.doubleclick.net +127.0.0.255 comcluster.cxense.com +127.0.0.255 connect.scroll.com +127.0.0.255 deviceintegritytokens-pa.googleapis.com +127.0.0.255 dorpat.geo.iponweb.net +127.0.0.255 e1.emxdgt.com +# Kindle? +127.0.0.255 elb-p-gld-ew1-1592297853.eu-west-1.elb.amazonaws.com +127.0.0.255 ei.rlcdn.com +127.0.0.255 embed.tawk.to +127.0.0.255 experience.tinypass.com +127.0.0.255 fcmatch.google.com +127.0.0.255 firefox.settings.services.mozilla.com +127.0.0.255 firestore.googleapis.com +127.0.0.255 fls-na.amazon-adsystem.com +127.0.0.255 footprints-pa.googleapis.com +127.0.0.255 fpa-events-slate-com.parsely.com +127.0.0.255 fulcrum-antenna.imhd.io +127.0.0.255 g.ezoic.net +127.0.0.255 geolocation.onetrust.com +127.0.0.255 gixel.gnetwork.me +127.0.0.255 google.com +127.0.0.255 googleads.g.doubleclick.net +127.0.0.255 gstaticadssl.l.google.com +127.0.0.255 history.l.google.com +127.0.0.255 ib.anycast.adnxs.com +127.0.0.255 id.tinypass.com +127.0.0.255 id5-sync.com +127.0.0.255 idaas-ext.cph.liveintent.com +127.0.0.255 idsync.rlcdn.com +127.0.0.255 in.treasuredata.com +127.0.0.255 in-live.live.eks.hotjar.com +127.0.0.255 inbox.google.com +127.0.0.255 jetpack.wordpress.com +127.0.0.255 la-vip001.taboola.com +127.0.0.255 lamssettings-pa.googleapis.com +127.0.0.255 live.mozillamessaging.com +127.0.0.255 mclients.googleapis.com +127.0.0.255 message-iad.sp-prod.net +127.0.0.255 mobile-gtalk.l.google.com +127.0.0.255 mwzeom.zeotap.com +127.0.0.255 normandy-cdn.services.mozilla.com +127.0.0.255 ocsp.godaddy.com.akadns.net +127.0.0.255 onesignal.com +127.0.0.255 p1.parsely.com +127.0.0.255 partnerad.l.doubleclick.net +127.0.0.255 people-pa.googleapis.com +127.0.0.255 photos-ugc.l.googleusercontent.com +127.0.0.255 pippio.com +127.0.0.255 pki-goog.l.google.com +127.0.0.255 playatoms-pa.googleapis.com +127.0.0.255 play.googleapis.com +127.0.0.255 play-lh.googleusercontent.com +127.0.0.255 prod.balrog.prod.cloudops.mozgcp.net +127.0.0.255 prod-ash-usermatch-1919559762.us-east-1.elb.amazonaws.com +127.0.0.255 prod-classifyclient.normandy.prod.cloudops.mozgcp.net +127.0.0.255 prod.detectportal.prod.cloudops.mozgcp.net +127.0.0.255 prod.pocket.prod.cloudops.mozgcp.net +# Not sure what this host is used for. +127.0.0.255 proxyserverecs-1736642167.us-east-1.elb.amazonaws.com +127.0.0.255 public-api.wordpress.com +127.0.0.255 r1.sn-cxoqcc-gqhe.googlevideo.com +127.0.0.255 r1.sn-cxoqcc-gqhl.googlevideo.com +127.0.0.255 r1.sn-nx57ynse.googlevideo.com +127.0.0.255 r2.sn-cxoqcc-gqhe.googlevideo.com +127.0.0.255 r2.sn-cxoqcc-gqhl.googlevideo.com +127.0.0.255 r3.sn-5uaezn6r.googlevideo.com +127.0.0.255 rtb-csync-tmk.smartadserver.com +127.0.0.255 s0.wp.com +127.0.0.255 safebrowsing.googleapis.com +127.0.0.255 sb-ssl.l.google.com +127.0.0.255 scontent.xx.fbcdn.net +127.0.0.255 script.hotjar.com +127.0.0.255 search.r53-2.services.mozilla.com +127.0.0.255 services.prod.mozaws.net +127.0.0.255 shavar.prod.mozaws.net +127.0.0.255 sjc-bh-bgp.contextweb.com +127.0.0.255 ssl-google-analytics.l.google.com +127.0.0.255 star-mini.c10r.facebook.com +127.0.0.255 stats.wp.com +127.0.0.255 storage.googleapis.com +127.0.0.255 sync.crwdcntrl.net +127.0.0.255 sync.intentiq.com +127.0.0.255 tagr-gcp-odr-use1.mookie1.com +127.0.0.255 tags.crwdcntrl.net +127.0.0.255 telemetrics.klaviyo.com +127.0.0.255 thrtle.com +127.0.0.255 tls13.taboola.map.fastly.net +127.0.0.255 tpc.googlesyndication.com +127.0.0.255 track.adformnet.akadns.net +127.0.0.255 u.openx.net +127.0.0.255 us-odc.samsungapps.com.cdngc.net +127.0.0.255 va.tawk.to +127.0.0.255 vars.hotjar.com +127.0.0.255 vc-live-cf.hotjar.io +127.0.0.255 versioncheck.prod.mozaws.net +127.0.0.255 voledevice-pa.googleapis.com +127.0.0.255 vsb10.tawk.to +127.0.0.255 vsb46.tawk.to +127.0.0.255 widget.da1.vip.prod.criteo.com +127.0.0.255 widgetdata.tradingview.com +127.0.0.255 widgets.outbrain.com +127.0.0.255 ws-eu.assoc-amazon.com +127.0.0.255 www4.l.google.com +127.0.0.255 www.assoc-amazon.co.uk +127.0.0.255 www.googleadservices.com +127.0.0.255 www.googleapis.com +127.0.0.255 www.google-analytics.com google-analytics.com +127.0.0.255 www.googletagmanager.com googletagmanager.com +127.0.0.255 www.npttech.com +127.0.0.255 x.bidswitch.net +127.0.0.255 widget-pixels.outbrain.com +127.0.0.255 tcheck.outbrainimg.com +127.0.0.255 log.outbrainimg.com +127.0.0.255 load.sumo.com +127.0.0.255 www.sumo.com +127.0.0.255 sumo.com +127.0.0.255 s7.addthis.com +127.0.0.255 my.hellobar.com +127.0.0.255 connect.facebook.net +127.0.0.255 v1.addthisedge.com +127.0.0.255 m.addthis.com +127.0.0.255 api-public.addthis.com +127.0.0.255 cdn.pushcrew.com +127.0.0.255 platform.twitter.com +127.0.0.255 httpworldisraelnewscom.disqus.com +127.0.0.255 disqus.com +127.0.0.255 referrer.disqus.com +127.0.0.255 c.disquscdn.com +127.0.0.255 syndication.twitter.com +127.0.0.255 realtime.services.disqus.com +127.0.0.255 cdn.syndication.twimg.com +127.0.0.255 pbs.twimg.com +127.0.0.255 ton.twimg.com +127.0.0.255 glitter.services.disqus.com + +# Some sites break without these +#127.0.0.255 ajax.googleapis.com +#127.0.0.255 apis.google.com +#127.0.0.255 fonts.googleapis.com +#127.0.0.255 fonts.gstatic.com +# Even though I don't use g00gle.com seems they CDN stuff from here. +#127.0.0.255 www.google.com +#127.0.0.255 www.gstatic.com +# apis.google.com CNAME points here +#127.0.0.255 plus.l.google.com +# Do I want to Block? +#127.0.0.255 maps.googleapis.com