Skynet my setup which is working well (ymmv)

lightaffaire

Occasional Visitor
I installed skynet a couple of months ago and have been impressed by the amount of bad boys it allows me to easily block.

Maybe someone finds my setup useful (or not):

1. used this list of filters: https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/filter.list

2. over time i have added various countries to the "Banned Countries" list which has really helped:
az azerbaijan (this is #1-3 in banned ip's... russia is probably hacking thru here)
by belarus
cn china
hk hong kong
ir iran
ru russia (check az and sc in this list)
sc seychelles (weird but they must host stuff as it is also #1-5 in banned ip's since end of feb 2022)
ua ukraine
note: this list works for _me_ as I have no private or work related requirements in those countries... ymmv.

3. over time check the BLOCKED OUTGOING messages which break down into 4 types
- microsoft windows update servers (whitelisted)
- linux fedora/redhat update servers (whitelisted)
- social media apps calling home or sending stats (a few whitelisted... worst offender is tik-tok that is massively chatty)
- unknown (happens when people visit and use the wifi... never whitelist these)

On some days I get 15K to 20K inbound blocks.

Skynet has been very useful and reliable. Recommended.

Iain
 

Viktor Jaep

Very Senior Member
I installed skynet a couple of months ago and have been impressed by the amount of bad boys it allows me to easily block.

Maybe someone finds my setup useful (or not):

1. used this list of filters: https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/filter.list

2. over time i have added various countries to the "Banned Countries" list which has really helped:
az azerbaijan (this is #1-3 in banned ip's... russia is probably hacking thru here)
by belarus
cn china
hk hong kong
ir iran
ru russia (check az and sc in this list)
sc seychelles (weird but they must host stuff as it is also #1-5 in banned ip's since end of feb 2022)
ua ukraine
note: this list works for _me_ as I have no private or work related requirements in those countries... ymmv.

3. over time check the BLOCKED OUTGOING messages which break down into 4 types
- microsoft windows update servers (whitelisted)
- linux fedora/redhat update servers (whitelisted)
- social media apps calling home or sending stats (a few whitelisted... worst offender is tik-tok that is massively chatty)
- unknown (happens when people visit and use the wifi... never whitelist these)

On some days I get 15K to 20K inbound blocks.

Skynet has been very useful and reliable. Recommended.

Iain
Skynet is a nice little tool... I guess I go a little more overboard on the blocked countries, but this is my list that serves me well... ;)

Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir iq sa ae pk af az ba bg hr cu cz eg ee ge va hu id in il kz kw kg lv md om qa ro rs sk si sy tr ua uz"
 

lightaffaire

Occasional Visitor
Skynet is a nice little tool... I guess I go a little more overboard on the blocked countries, but this is my list that serves me well... ;)

Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir iq sa ae pk af az ba bg hr cu cz eg ee ge va hu id in il kz kw kg lv md om qa ro rs sk si sy tr ua uz"

thank you. I took a look at your list. removed some of the european countries and added a couple more russian satellite countries and now have:

af az by cn ge hk il iq ir kd kg kp kz md ru sc sy tj tm ua uz

Iain
 

Tech9

Part of the Furniture

Tech9

Part of the Furniture
And you have 15-20k blocked connections to ports 22, 25, 443?
 

lightaffaire

Occasional Visitor
And you have 15-20k blocked connections to ports 22, 25, 443?

no. a mix of blocks to the ax11000 and to the server with those ports. a definite uptick since march.
 

Tech9

Part of the Furniture
In this case you have 15-20k mix of blocked and recognized in block lists IPs. Skynet marks as blocked the IPs blocked already by your router's firewall. If you have no services open to Internet, all inbound IPs marked as blocked in Skynet would have been blocked by the firewall anyway.
 

Khadanja

Senior Member

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top