Skynet Is default firewall good enough?

SomeWhereOverTheRainBow

Part of the Furniture
I typically run a check against it's IP on AlienVault if something looks suspicious or just to spot check...

I typically do such if I find something not regularly blocked is now being blocked.
 

Kingp1n

Very Senior Member

SomeWhereOverTheRainBow

Part of the Furniture
Can you add the steps on adding this list within Skynet? Also, if I would like to go back the skynet default list, would it be easy to do so? I appreciate it.
Okay under skynet menu

Select malware-blacklist (option 3)
And then option(2) for change filter list
Copy and paste the hyper-link.
Then go back into malware-blacklist option (3) from the main skynet menu and run the option to update.

A similar process is done to switch back to the default using the default filter list hyperlink.
 

SomeWhereOverTheRainBow

Part of the Furniture
It can still happen. Happened to me with certain domains without doing any country blocking.
I imagine anything is possible when doing country blocking. When it is easy enough for someone to look suspiciously at a nameserver because of its heavy influx of traffic every day and false report it. I have seen such happen as well. I imagine with country blocking, instead of playing pin the tail on the donkey like we are with false reports, we are playing where is carmen sandiago with whatever country to test-unblock next.
 

chongnt

Very Senior Member
pfBlockerNG on pfSense in my case.

You have to use custom blocking list in Skynet. The default is this one:


What we use is this one only:


And a description what it is here:

How to remove the default list? Is it exclude the list one by one?
 

chongnt

Very Senior Member
I think post 43 tells all.
Following those steps changes (replaces) the default list to be the one you want? :)
Meaning I can only add a single url list, and this will overwrite the existing default lists?
I check /mnt/amtm/skynet/lists the default lists are still there. How do I know if the default list is active or not?
 

Treadler

Very Senior Member
Meaning I can only add a single url list, and this will overwrite the existing default lists?
I check /mnt/amtm/skynet/lists the default lists are still there. How do I know if the default list is active or not?
Skynet ‘option2’ says “change list”, so I assumed that happens.
I used the list in post 32, & my no. of ip’s blocked went from about 40k to over 250k. I guess it worked!
 

Treadler

Very Senior Member
Apologies for waking up an older thread.

I use IPv4 + IPv6.
Skynet ‘appears‘ to do it’s good work via ipv4 only. (Please confirm).
Is there any point in using Skynet on an IPv6 enabled network?
 

dave14305

Part of the Furniture
Is there any point in using Skynet on an IPv6 enabled network?
Are there any IPv6 blocklists published anywhere? The vastness of IPv6 address space makes it easier for you to be a needle in the haystack, but same for the bad guys.

We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet. :)
 

Treadler

Very Senior Member
We only have a few minutes left before………:D
 

Tech9

Part of the Furniture
We only have a few minutes left before @Tech9 arrives and tells you to disable IPv6 and Skynet. :)

Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now. :)
 
Last edited:

Kingp1n

Very Senior Member
Sorry, I was busy inspecting German autobahns and the electricity issues in Danmark. No immediate concerns noticed. Yes, you guys can save yourself all the trouble by disabling IPv6 now. :)
@Tech9

I have to ask....do you have a link I can go check to see why you don't recommend having IPV6 enabled?

I currently don't have it enabled but just curious what you know or knowledge against is. ..I appreciate it.
 

SomeWhereOverTheRainBow

Part of the Furniture
@Tech9

I have to ask....do you have a link I can go check to see why you don't recommend having IPV6 enabled?

I currently don't have it enabled but just curious what you know or knowledge against is. ..I appreciate it.
@Kingp1n I don't necessarily believe his stance is against enabling ipv6. It seems more of the prudent approach to not enable it if it is not needed. For the uneducated it would potentially create one more layer or problem for the user to have to overcome when nothing would have otherwise became broken if it had not been enabled. Personally, if you want to try it out and accept that there maybe things you would need to learn along the way, then enable it and it will be a new learning experience.
 

SomeWhereOverTheRainBow

Part of the Furniture
@Kingp1n The biggest proponent for enabling ipv6 is also its biggest proponent against enabling it. That is why it is hard to say yay or nay on whether it should be enabled. It is truly a personal choice. Just remember that one day it might not be a choice at all. So it might be more prudent to learn about using ipv6 now than down the road when it might be forced.
 

Tech9

Part of the Furniture
I have to ask....do you have a link

Yes, I do. We had a long discussion of pros and cons.


It seems more of the prudent approach to not enable it if it is not needed.

Correct. The same applies to other firmware options. If disabled by default - there is a reason.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top