ALL: entries in superhosts.deny

[Plurix-Git]

Hi, this is my first 2 cts...

Hopefully not breaking any rule...

Just downloaded superhosts.deny using this script to use with dnsmasq on latest MX-Linux, but all 776522 entries starting with ALL: instead of 0.0.0.0, so dnsmasq is unable to read anything in it...

Not sure what am I missing?...

Thanks!

Plurix

[smed79]

I think there is a misunderstanding here, where you are confusing between hosts.deny and the hosts

• /etc/hosts is used as a local DNS / syntax ip hosts / e.g 0.0.0.0 malicieuse.domain.
• /etc/hosts.deny is used like an iptable to control access to the machine/network form external sources.

The script for the hosts file is here linux-hosts-installer.sh

Userfrendly alternative is to use the dns server instead

DNS Name	safedns.allover.co.za	safedns2.allover.co.za
IPv4	88.198.70.38	88.198.70.39
IPv6	2a01:4f8:140:5021::38	2a01:4f8:140:5021::39

[Plurix-Git]

@smed79: Thank you for your prompt reply!

And I apologize for my misunderstanding. The word deny says it all, right?...

But, well... Sure I'm aware of the regular /etc/hosts file, which is being used by dnsmasq. But I added the directive addn-hosts=super_hosts_deny in it as well to do exactly this: to block external sources of ads and bad web sites, thus protecting my Linux system from being infected with Malware or Ransomware.

On this page you mention the following, among other things:

START SNIPPET <<<<
"The superhosts.deny file is simply named superhosts.deny but is just a normal hosts.deny file which is a plain-text file for Linux/Unix based operating systems that blocks a list of IP addresses or hosts (domains) on the outside of your network from gaining any access to your computer. If you want to use this superhosts.deny file simply rename it to hosts.deny and place it in your /etc/ folder on your Linux/Unix operating system. A hosts.deny file will not work on a Windows operating system."
END SNIPPET <<<<

Nowhere in that page is stated this file was created for use with iptables instead. Yeah, the deny word implies that, right?...

I used to create iptables in Cisco routers 20 years ago, but never in Linux.

My MX-Linux has iptables v1.8.7 installed by default, guess I will have to learn about it to use this file, which is not a problem at all.

And just so you know, I want to use and experiment with superhosts.deny because it is the most comprehensive and complete collection of addresses to block, and in a machine which is apart from my private home network, for learning purposes. I think of your hosts as a subset of it.

And yes, I'm using your IPv4 dns servers on a regular basis on my home nw (my dd-wrt router dnsmasq does not like more than 3 dns, so unable to add IPv6 as well). Thank you for such a great option!

[Plurix-Git]

Hi @smed79!

Just FYI, I had inetd restarted and now /etc/hosts.allow and /etc/hosts.deny are working as expected.

Thank you for your heads up!

And sorry for any misunderstanding.

Cheers

[smed79]

Happy to hear that you have fixed your issue. Do not hesitate to report any issue, an answer will necessarily be provided to you.

Regards,