In the enterprise world, it has become common to use threat intelligence data to prevent traffic from suspected and known compromised servers, services, IPs and networks from being able to access or influence business assets.
Enterprise and business aren’t the only entities that can benefit from this, though. Even as a home user we would advocate the use of security software, and a layered approach is always best.
We are hosting a set of DNS block lists that aim to improve your network or device security by preventing access to emerging and ongoing threats, including malware distribution and control, phishing and spear-phishing, cryptojacking, the TOR network, spammers, scammers and known compromised servers, computers, IPs and networks.
There is also an IP list for direct use in firewalls and security devices which includes IPs and networks that are known to be malicious or compromised, including those used for internet, network and port scanning, brute-forcers, credential stuffers, DDoS attackers and other generally unsavoury behaviour.
The data the service provides comes from multiple sources, including production servers and networks we run, along with telemetry data from users of our products who kindly opt-in, plus a set of honeypots that we also operate for the purpose of collecting and understanding current and emerging threats.
Check it out at https://threat-list.com
These feeds are updated hourly and they’re available to everyone without requiring a subscription or handing over any personal or organisation information at all.
If you’re looking for a ready-to-go fully automated security service, we’ve got you covered – check out Umbra Secure DNS. It has the data from these lists and plenty more, without the need to run your own DNS server or filter.