FINALLY set up a pfSense box! Any recommendations for settings other than default?

IceDigger

[H]F Junkie
Joined
Feb 22, 2001
Messages
11,188
FINALLY set up a pfSense box! Any recommendations for settings other than default for a newbie?

Box specs...
Intel C2D 8500, 4GB DDR3 RAM, 120GB Junk SSD Drive, 2x Intel Gigabit PCIE NICs
 

Farva

Extremely [H]
Joined
Feb 3, 2004
Messages
37,919
I would say pfblocker, but on 2.4.3, it is a resource hog.
 

ChRoNo16

[H]ard|Gawd
Joined
Feb 3, 2011
Messages
1,492
I wouldn't do a whole lot more than that. You can add a few things; I typically add a spam filter of sorts or an ad blocker to help keep some of the nasty at bay. Other than that, I generally don't install a lot of services.
 

Farva

Extremely [H]
Joined
Feb 3, 2004
Messages
37,919
Just enabled that and the RAM usage went up 4% :D
Now start blocking IPs by country and create these block lists:

Ad Blocking
http://someonewhocares.org/hosts/hosts
http://someonewhocares.org/hosts/zero/
https://raw.githubusercontent.com/quidsup/notrack/master/trackers.txt
https://adaway.org/hosts.txt
https://hosts-file.net/fsa.txt
http://sysctl.org/cameleon/hosts
https://osint.bambenekconsulting.com/feeds/dga-feed.gz
https://hosts-file.net/download/hosts.zip
http://www.hostsfile.org/Downloads/hosts.txt
https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext
https://jasonhill.co.uk/pfsense/ytadblock.txt
https://jasonhill.co.uk/pfsense/blocklists.txt
https://jasonhill.co.uk/pfsense/ad_servers_dnsbl.txt
https://gist.githubusercontent.com/...189347e35c0070a9e4de76fde2adb271/liste_fr.txt
https://gist.githubusercontent.com/...90eb2ac8bdc01af3008d728b7c0f10dc7b2506b4/MS-3
https://gist.githubusercontent.com/...b344ebc9475acdea1fae38a12c4ea9332838a184/MS-1
http://winhelp2002.mvps.org/hosts.txt
http://adblock.gjtech.net/?format=unix-hosts
https://jansal.googlecode.com/svn/trunk/adblock/hosts
http://optimate.dl.sourceforge.net/project/adzhosts/HOSTS.txt
https://github.com/StevenBlack/hosts/raw/master/hosts
https://github.com/yous/YousList/raw/master/hosts.txt


Alien Vault
https://reputation.alienvault.com/reputation.generic

Autofill blocking
https://gist.githubusercontent.com/...f0996cf5248657ada2adb396f3636be8716b99eb/MS-4

blocklist.de
https://www.blocklist.de/downloads/export-ips_all.txt
https://www.blocklist.de/downloads/export-ips_apache.txt
https://www.blocklist.de/downloads/export-ips_courierimap.txt
https://www.blocklist.de/downloads/export-ips_courierpop3.txt
https://www.blocklist.de/downloads/export-ips_imap.txt
https://www.blocklist.de/downloads/export-ips_pop3.txt
https://www.blocklist.de/downloads/export-ips_postfix.txt
https://www.blocklist.de/downloads/export-ips_proftpd.txt
https://www.blocklist.de/downloads/export-ips_ssh.txt
https://www.blocklist.de/downloads/dnsbl/all.list
https://www.blocklist.de/downloads/dnsbl/allinone.list

Disconnect.me
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt

Dshield
https://feeds.dshield.org/top10-2.txt
https://feeds.dshield.org/block.txt
https://secure.dshield.org/feeds/suspiciousdomains_Low.txt
https://dshield.org/feeds/suspiciousdomains_Medium.txt
https://dshield.org/feeds/suspiciousdomains_High.txt


Emerging Threats
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
https://rules.emergingthreats.net/blockrules/compromised-ips.txt
http://www.ciarmy.com/list/ci-badguys.txt

FireHOL
*https://iplists.firehol.org/
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level2.netset
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level3.netset
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level4.netset

Malware
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/porn/hosts
https://mirror1.malwaredomains.com/files/justdomains
https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt
https://ransomwaretracker.abuse.ch/downloads/LY_PS_IPBL.txt
https://ransomwaretracker.abuse.ch/downloads/TL_C2_IPBL.txt
https://ransomwaretracker.abuse.ch/downloads/RW_URLBL.txt
https://isc.sans.edu/feeds/suspiciousdomains_Low.txt
https://mirror1.malwaredomains.com/files/immortal_domains.txt
https://mirror1.malwaredomains.com/files/domains.txt
http://www.malwaredomainlist.com/hostslist/ip.txt
http://www.malwaredomainlist.com/mdlcsv.php
http://www.malwaredomainlist.com/updatescsv.php
http://www.malwaredomainlist.com/hostslist/mdl.xml
http://www.malwaredomainlist.com/hostslist/zeus.xml
http://www.malwaredomainlist.com/zeuscsv.php
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malwaredomainlist.com/hostslist/yesterday.php
http://www.malwaredomainlist.com/hostslist/yesterday_urls.php
http://www.malwaredomainlist.com/hostslist/spyeye.xml
http://hosts-file.malwareteks.com/HOSTS-NOPHAFSA-Optimized.txt
http://www.networksec.org/grabbho/block.txt
https://malc0de.com/bl/BOOT
https://malc0de.com/bl/IP_Blacklist.txt
https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt
http://osint.bambenekconsulting.com/feeds/dga-feed.gz
http://osint.bambenekconsulting.com/feeds/c2-dommasterlist.txt
http://osint.bambenekconsulting.com/feeds/c2-ipmasterlist.txt
http://tracker.h3x.eu/
http://tracker.h3x.eu/about/400
https://feodotracker.abuse.ch/blocklist/?download=ipblocklist
https://sslbl.abuse.ch/blacklist/sslipblacklist.csv
https://sslbl.abuse.ch/blacklist/dyre_sslipblacklist.csv
https://www.abuseat.org/iotcc.txt
http://danger.rulez.sk/projects/bruteforceblocker/blist.php
https://palevotracker.abuse.ch/blocklists.php?download=ipblocklist
https://pfblockerlists.smallbusinesstech.net/hackerlist.txt

No Coin
https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts_browser
https://raw.githubusercontent.com/Hestat/minerchk/master/minerlist-all.txt
https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt

Phishing
https://www.openphish.com/feed.txt
http://data.phishtank.com/data/online-valid.csv

Sentinel IPS
http://cinsscore.com/list/ci-badguys.txt

Snort
https://labs.snort.org/feeds/ip-filter.blf

Spamhaus
https://www.spamhaus.org/drop/drop.txt
https://www.spamhaus.org/drop/edrop.txt
https://www.spamhaus.org/drop/dropv6.txt

Squid Black List
http://www.squidblacklist.org/downloads/drop.malicious.rsc
http://www.squidblacklist.org/downloads/sbl-tornodes.rsc
http://www.squidblacklist.org/downloads/tik-dns-ads.rsc
http://joshaven.com/malc0de.rsc
http://joshaven.com/openbl.rsc

Talos
http://talosintel.com/feeds/ip-filter.blf

TOR
https://www.dan.me.uk/torlist/
https://panwdbl.appspot.com/lists/ettor.txt

uBlock Origin
https://raw.githubusercontent.com/I...k-Filters-Plus/master/uBlock-Filters-Plus.txt

Windows Lies
https://raw.githubusercontent.com/WindowsLies/BlockWindows/master/hostslist
http://jasonhill.co.uk/pfsense/microsoft_domains.txt

Youtube ads
https://jasonhill.co.uk/pfsense/ytadblock.txt

Zeus Tracker
*https://zeustracker.abuse.ch/blocklist.php
https://zeustracker.abuse.ch/blocklist.php?download=badips
https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist
https://zeustracker.abuse.ch/blocklist.php?download=baddomains
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://zeustracker.abuse.ch/blocklist.php?download=compromised
 