Security via localhost

Discussion in 'Security and Anti-Virus Software' started by Primes, Jul 5, 2021.

  1. Primes

    Primes Notebook Deity

    Reputations:
    918
    Messages:
    1,736
    Likes Received:
    717
    Trophy Points:
    131
    I know some of you run modified localhost files, so I wanted to get some feedback on this idea.

    I'm thinking of localhost entries to block remote access software, typically the kind of stuff the "tech support" scams use. I'm a little worried my grandparents could fall for one of those scams so I want to see if I can block the most common software via localhost.

    Trying to get a list together. thoughts?

    Pretty much grabbing entries from here:
    https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software

    Code:
    teamviewer.com              127.0.0.1
    remotedesktop.google.com    127.0.0.1
    remoteutilities.com         127.0.0.1
    getscreen.me                 127.0.0.1
    uvnc.com                    127.0.0.1
    distantdesktop.com            127.0.0.1
    anydesk.com                    127.0.0.1
    aeroadmin.com                127.0.0.1
    iperiusremote.com            127.0.0.1
    zoho.com                    127.0.0.1
    litemanager.com                127.0.0.1
    showmypc.com                127.0.0.1
    nchsoftware.com                127.0.0.1
    beamyourscreen.com            127.0.0.1
    logmein.com                    127.0.0.1
    gotoassist.com                127.0.0.1
    ammyy.com                    127.0.0.1
    anywherets.com                127.0.0.1
    
     
    Dr. AMK likes this.
  2. hacktrix2006

    hacktrix2006 Hold My Vodka, I going to kill my GPU

    Reputations:
    640
    Messages:
    2,058
    Likes Received:
    1,257
    Trophy Points:
    181
    You could run as raspberry pi with PiHole and block the domains that way, as window can compile with modified host files.

    Using PiHole is how I block most stuff and I block quite a lot. To the stage that I have to use mobile internet to sign into my bank accounts now a days as on both main and guest networks I run have

    Scam/pishing sites blocked.
    Gambling/porn sites blocked.
    Telemetry blocked.
    Malware sites blocked.
    Ads blocked.
    Phone homes blocked for smart devices etc.

    Yes it's a pain however it's a secure network. I set it up so far that guest networks DNS is my own DNS server that DoH's requests yet to do that on main.

    Then using a raspberry pi you can set it up to be a remote access system too.


    Sent from my SNE-LX1 using Tapatalk
     
    Primes likes this.
  3. Primes

    Primes Notebook Deity

    Reputations:
    918
    Messages:
    1,736
    Likes Received:
    717
    Trophy Points:
    131
    That's a good idea. I'd also like to set something similar to that on my home network, but more than just adblocking. Currently looking at pihole, pfsense, untangle, firewalla.
     
  4. hacktrix2006

    hacktrix2006 Hold My Vodka, I going to kill my GPU

    Reputations:
    640
    Messages:
    2,058
    Likes Received:
    1,257
    Trophy Points:
    181
    I personally use PiHole via a Docker containers with a 3,772,262 domains blocklist and some manual allowlist and blocklist to add others. All this is ran on a X86 J4105 Seeed Odyssey Proxmox server which hosts the Portainer.io Virtual Machine.

    Using Ad Blocker Test (d3ward.github.io) as a test i have a 98%-100% blocked rate and to make sure if others on the network hit a false positive, i also run PiPass which is a Frontend Webpage Blocker which shows if the site is blocked and allows for a temp unlock of the domain for 1 hour and to request the domain to be unlocked permanently.

    As i am able to Winscp if you need the adlist set i use i can share it with you, else i can help you install pihole5-list-tool which will allow you to get the same list minus my custom addons.

    If you use a Raspi with Portainer.Io you can then make not only the Pihole DNS server(s) but also a Recursive DNS which comes in handy. You can also then use the Raspi as a remote in station too there is software out there that will allow you to do this in docker containers such an example is Apache Guacamole which is a web browser VNC SSH RDP relay.
     
Loading...

Share This Page