What's new

Skynet A beginner tackles Skynet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

aps

Occasional Visitor
Thanks Adamm for taking the time to develop and maintain Skynet. I'm a complete novice at all this but have just upgraded to Merline Firmware, added Skynet and then added a number of countries as being "banned". The reason for the post is that I have some questions that I've not found answers to despite trawling the various treads. So here goes:

  1. On loading Skynet there is the following text: 50920 IPs (+0) -- 31792 Ranges Banned (+0) || 16118 Inbound -- 1188 Outbound Co! What does all this mean? I'm assuming that 50920 IP addresses are banned but what is the (+0)? And what is the 16118 Inbound referring to?
  2. I get that I can add banned malware but is it correct that there is a default list of banned malware that is blocked?
  3. Is there any impact, either positive or negative, in enabling the DNSFilter in (RT-AC86U) web-console when Skynet is running?
 
Skynet loads blacklists, so you're in fact benefiting from other folks work to identify, track and publish lists of folks to avoid.

The other thing I'd suggest is to use a malware blocking DNS provider, depending on where you are in the world there are multiple options.

I'd not start manually blocking unless you have good reason to.

Just my $0.02 :)
 
Skynet loads blacklists, so you're in fact benefiting from other folks work to identify, track and publish lists of folks to avoid.

The other thing I'd suggest is to use a malware blocking DNS provider, depending on where you are in the world there are multiple options.

I'd not start manually blocking unless you have good reason to.

Just my $0.02 :)
Thanks. Yes - saw the idea of a malware blocking DNS provider in the huge thread and implemented that at the router level as well as for the Guest Networks (via YazFi).
 
Thanks Adamm for taking the time to develop and maintain Skynet. I'm a complete novice at all this but have just upgraded to Merline Firmware, added Skynet and then added a number of countries as being "banned". The reason for the post is that I have some questions that I've not found answers to despite trawling the various treads. So here goes:

  1. On loading Skynet there is the following text: 50920 IPs (+0) -- 31792 Ranges Banned (+0) || 16118 Inbound -- 1188 Outbound Co! What does all this mean? I'm assuming that 50920 IP addresses are banned but what is the (+0)? And what is the 16118 Inbound referring to?
  2. I get that I can add banned malware but is it correct that there is a default list of banned malware that is blocked?
  3. Is there any impact, either positive or negative, in enabling the DNSFilter in (RT-AC86U) web-console when Skynet is running?

The +0 looks like output from updating malware blocklist. These numbers will vary as the blocklist maintainers (not adamm) add and remove ip’s and ranges from their lists. If you installed skynet with the default options this will update once a day automatically. If you look at the filter.list file on the github repo, this is the default list skynet is using. It is made up of several blocklists. You can create your own using pastebin if you need to but keep in mind the more you add to it the more likely you are to block legitimate sites. I’ve been using the defaults and haven’t had any false positives. Ymmv.

The inbound and outbound numbers refer to the number of incoming and outgoing connection attempts to ip’s contained in the blocklist populated by the filter.list file. In my experience it’s common to have a shockingly high number of inbound blocks due to all the bots scanning ranges/ports. If you go to firewall on the webui you should have a skynet tab with graphs and links to web reputation scores.

As far as using skynet with dnsfilter, there’s no compatibility issues between the two. They are kind of complimentary in my opinion. Skynet blocks ip’s and dns blocks hostnames. Personally I use both skynet and nextdns together and haven’t noticed any perceived latency.
 
As above, the +0 means no change from previous list update. If you were to add or remove a country (or IP range) then you would see the delta indicated there.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top