Skynet A beginner tackles Skynet

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

aps

Occasional Visitor
Thanks Adamm for taking the time to develop and maintain Skynet. I'm a complete novice at all this but have just upgraded to Merline Firmware, added Skynet and then added a number of countries as being "banned". The reason for the post is that I have some questions that I've not found answers to despite trawling the various treads. So here goes:

  1. On loading Skynet there is the following text: 50920 IPs (+0) -- 31792 Ranges Banned (+0) || 16118 Inbound -- 1188 Outbound Co! What does all this mean? I'm assuming that 50920 IP addresses are banned but what is the (+0)? And what is the 16118 Inbound referring to?
  2. I get that I can add banned malware but is it correct that there is a default list of banned malware that is blocked?
  3. Is there any impact, either positive or negative, in enabling the DNSFilter in (RT-AC86U) web-console when Skynet is running?
 

cptnoblivious

Regular Contributor
Skynet loads blacklists, so you're in fact benefiting from other folks work to identify, track and publish lists of folks to avoid.

The other thing I'd suggest is to use a malware blocking DNS provider, depending on where you are in the world there are multiple options.

I'd not start manually blocking unless you have good reason to.

Just my $0.02 :)
 

aps

Occasional Visitor
Skynet loads blacklists, so you're in fact benefiting from other folks work to identify, track and publish lists of folks to avoid.

The other thing I'd suggest is to use a malware blocking DNS provider, depending on where you are in the world there are multiple options.

I'd not start manually blocking unless you have good reason to.

Just my $0.02 :)
Thanks. Yes - saw the idea of a malware blocking DNS provider in the huge thread and implemented that at the router level as well as for the Guest Networks (via YazFi).
 

fields987

Regular Contributor
Thanks Adamm for taking the time to develop and maintain Skynet. I'm a complete novice at all this but have just upgraded to Merline Firmware, added Skynet and then added a number of countries as being "banned". The reason for the post is that I have some questions that I've not found answers to despite trawling the various treads. So here goes:

  1. On loading Skynet there is the following text: 50920 IPs (+0) -- 31792 Ranges Banned (+0) || 16118 Inbound -- 1188 Outbound Co! What does all this mean? I'm assuming that 50920 IP addresses are banned but what is the (+0)? And what is the 16118 Inbound referring to?
  2. I get that I can add banned malware but is it correct that there is a default list of banned malware that is blocked?
  3. Is there any impact, either positive or negative, in enabling the DNSFilter in (RT-AC86U) web-console when Skynet is running?

The +0 looks like output from updating malware blocklist. These numbers will vary as the blocklist maintainers (not adamm) add and remove ip’s and ranges from their lists. If you installed skynet with the default options this will update once a day automatically. If you look at the filter.list file on the github repo, this is the default list skynet is using. It is made up of several blocklists. You can create your own using pastebin if you need to but keep in mind the more you add to it the more likely you are to block legitimate sites. I’ve been using the defaults and haven’t had any false positives. Ymmv.

The inbound and outbound numbers refer to the number of incoming and outgoing connection attempts to ip’s contained in the blocklist populated by the filter.list file. In my experience it’s common to have a shockingly high number of inbound blocks due to all the bots scanning ranges/ports. If you go to firewall on the webui you should have a skynet tab with graphs and links to web reputation scores.

As far as using skynet with dnsfilter, there’s no compatibility issues between the two. They are kind of complimentary in my opinion. Skynet blocks ip’s and dns blocks hostnames. Personally I use both skynet and nextdns together and haven’t noticed any perceived latency.
 

JaimeZX

Senior Member
As above, the +0 means no change from previous list update. If you were to add or remove a country (or IP range) then you would see the delta indicated there.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top