/ Pi-hole

CryptoAUSTRALIA's Favourite Block Lists

Pi-hole is a network-wide ad blocking service you can install on a Raspberry Pi. The project is praised for its advertisement blocking capabilities, but did you know that you can also block malware and phishing websites on your home network? The following article details our favourite blacklists helping you protect your devices from malware and nefarious activities on your home network.

If you have not installed Pi-hole yet, please check out our blog post (Coming soon!) or drop-in to one of our workshops first. Once you have it up and running, the default block list on the Pi-hole is already blocking ads and to a smaller extent, malware.

As of today, the default installation features two block lists: StevenBlack's Unified Host List and DNS-BH Malware Domains. While the former combines other smaller block lists for blocking adware and malware, the latter is a decent anti-malware list provided by RiskAnalytics. The two block lists already do their job. However we recommend adding a few more community-managed block lists to your Pi-hole (Settings --> Pi-Hole's Block Lists) for a more comprehensive protection.

The following list features our favourite domain block lists for the Pi-hole. Please note that the list is not meant to be impartial nor comprehensive.

Malware and Phishing

  • https://hosts-file.net/exp.txt - hpHosts - Websites hosting exploits
  • https://hosts-file.net/emd.txt - hpHosts - Websites hosting malware
  • https://hosts-file.net/psh.txt - hpHosts - Phishing websites
  • https://www.malwaredomainlist.com/hostslist/hosts.txt - Extensive anti-malware list by Malware Domain List
  • https://v.firebog.net/hosts/Airelle-hrsk.txt - Airelle's list of phishing domains
  • https://v.firebog.net/hosts/Shalla-mal.txt - Shalla's Ad and Spyware Blacklists
  • https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt - Ransomware Tracker - Ransomware C2 server block list (generic)
  • https://ransomwaretracker.abuse.ch/downloads/LY_C2_DOMBL.txt - Ransomware Tracker - Ransomware C2 server block list (Locky)
  • https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt - Ransomware Tracker - Ransomware C2 server block list (CryptoWall)
  • https://ransomwaretracker.abuse.ch/downloads/TC_C2_DOMBL.txt - Ransomware Tracker - Ransomware C2 server block list (TeslaCrypt)
  • https://ransomwaretracker.abuse.ch/downloads/TL_C2_DOMBL.txt - Ransomware Tracker - Ransomware C2 server block list (TorrentLocker)
  • http://www.networksec.org/grabbho/block.txt - ThreatExpert.com's malware and adware block list
  • https://isc.sans.edu/feeds/suspiciousdomains_Medium.txt - DShield.org Suspicious Domain List (Medium-level)
  • http://someonewhocares.org/hosts/hosts - Dan Pollock's list for blocking ads and spyware
  • https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt - Disconnect.me anti-malvertising block list
  • http://www.joewein.net/dl/bl/dom-bl.txt - jwSpamSpy - Domains featured in Spam emails
  • https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts - CoinBlockerLists - Blocks browser-based cryptocurrency miners

Tracking

  • https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/win10/spy.txt - WindowsSpyBlocker - Blocks Windows 10 telemetry domains
  • https://v.firebog.net/hosts/static/SamsungSmart.txt - Blocks Samsung SmartTV trackers
  • https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt - Disconnect.me anti-tracking block list
  • https://v.firebog.net/hosts/Easyprivacy.txt - EasyPrivacy - A privacy companion of the popular EasyList ad block list

Ads

  • https://hosts-file.net/ad_servers.txt - hpHosts - Blocks ad and tracking servers
  • https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt - Disconnect.me ad-blocker list
  • https://gist.githubusercontent.com/anudeepND/adac7982307fec6ee23605e281a57f1a/raw/5b8582b906a9497624c3f3187a49ebc23a9cf2fb/Test.txt - Block YouTube ads
  • https://v.firebog.net/hosts/Easylist.txt - EasyList - Might be familiar from the uBlock and Adblock browser plugins
  • https://v.firebog.net/hosts/AdguardDNS.txt - Block list powering the Adguard ad blocker

A copy-pasteable list for your Pi-hole is available here. For more block lists, make sure to visit https://wally3k.github.io/

More Frequent Updates

By default, the Pi-hole cron job updating the block lists runs on Sunday at 01:59 am. To get a fresh block list each day, we need to increase the update frequency as the following:

  1. Open /etc/cron.d/pihole in your favourite text editor
  2. Locate the following line:
    59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
  3. Replace number 7 (Sunday) with * (every day). Your new entry should look like this:
    59 1 * * * root PATH="$PATH:/usr/local/bin/" pihole updateGravity
  4. Save the file and enjoy the daily updates

Missing something? What is your favourite block list and why? Ping us on Twitter and let us know.

Image courtesy of iStock

Gabor Szathmari

Gabor Szathmari

Gabor is a passionate privacy, open government and free speech advocate. He is helping organisations with their information security challenges in his professional life.

Read More