humble3d Posted April 9, 2017 Share Posted April 9, 2017 NSABlocklist© project...UPDATE original created under the MIT license 2015 Description: This isn't yet another hosts file or DNSBL that claims to secure the web, it's specially designed to stop known NSA / GCHQ / C.I.A. or F.B.I. servers from beeing connecting to you without permission, of course the IP's also can be used for Bot Revolt or other tools. The list is not designed to block common malware, spyware/ads or anything that is already avaible on the net via a proper designed hosts for such special case. This hosts or the super ranges lists could block some of your sites/servers you may need, so you'll be warned! My list is original based on 2007 published Wikileaks documents and includes my own modifications from 2008, 2012, 2014 and 2015. This project includes: A 'HOSTS.txt' file that includes all Servers/DNS domains that are known to be involved in spying. The confirmation is given within the Research link(s) at the bottom and with my own tests. An 'Super Ranges.txt' file which includes a list of known IP ranges that are compromised (be careful with that!). An 'LICENSE' File to shows the MIT license. The 'README' (this) file that includes the latest news, updates and explanations,... An 'problematic.txt' file wich includes DNS/PTRs that are possible problematic for you. The 'Mail.txt' file in case you want to speak with me over encrypted email. An 'test' folder for IPv6 only domains. It also contains an 'html' folder for html formatted entries, an 'onion' folder for suspect or faked .onions and an 'Tor' folder for a quick guide how to run an non-exit relay in around 10 minutes. The 'References.txt' which contains relevant information about spying or additional topics which may related to reveal surveillance. Any problems, questions or something wrong? Feel free to open an issue ticket and I will look at it asap. - Pull Requests or ideas are always welcome! Important Notice A true list of compromised IPs would list the entire Internet, then on to the fuller range open mouth blabbering of blogs, email, chat rooms, texting, aided and abetted by the world's telecoms, postal services, and, most reliably, bedroom murmurings. I do not accept donations, I'm not doing this because I want $$money or hype I'm doing this because I didn't found a proper list on the whole internet and of course I want to share my knowledge for free. I always think that such information should be available for everyone on the world. Please keep in mind that updates/encryption/knowlage is our only weapon against NSA and other agancies, since I not encrypt this list (for what?) the update argument is important so I always search for maintainer to complete the list(s). It's currently not possible to update everything daily or every x hours since there is no tool/software/script which detect such servers automatically - it needs to be checked against domain servers, trace-routes, documents - all by hand! Do you hate the NSA or other agencies? I do not hate the NSA or other agencies but I really don't like that everyone is automatically under the microscope (mass surveillance) and of course that there is no 'opt-out' or transparency excpect lies and more lies (and some excuses ...yeah, we are doing this because terrorism, go f$ck yourself with such statements!) Everyone have something to hide, passwords, privat data, accounts, other metadata, [...] Known problems An HOSTS file is no guarantee that if the NSA is already 'in your system/network' - to protect you - it's just to late. HOSTS files are no guarantee that NSA or any other attacker/organization could simply bypass it via 0day or other vulnerabilitys on your system/router. HOSTS files can't protect against attacks directly in hardware, e.g. if the router is already compromised or comes with backdoors this list will be easily bypassed anyway. Due the complex of the entire file I can't explain every single IP/Domain/PTR record. If somethig was changed, feel free to open a pull request or send me an eMail. The GOSTS file may present an attack vector for malicious software because the file could be modified to redirect the entire traffic e.g. adware/trojans can do this. Ensure that the file was marked as read-only and you're not logged in as adminstrator. Trace-route analysis especially on IPv4 networks are sometimes outdated (due the mass of requests). Be careful when blocking IP addresses, as IP addresses change frequently and can block people you don't intend to block. NSA and other agancies can spy on traffic directly from supercomputers like infamous Echelon connected directly to some backbone without revealing any IP. This is an common problem, only strong and proper implemented encryption helps. ToDo: Fix Readme.md, typos, grammar,... Sort hosts entries alphabetically Add an seperate hosts file for MS, Apple, Google (if someone really needs it) Monthly updates!? Find invalid entries or domains that aren't online anymore (high-prio) Fix/merge all reported issues Add explanation how to identify compromised domains/DNS or other bogus addresses (high-prio) Add solutions to e.g. secure DNS via DNSCrypt/DANE (low-prio) Add IPv6 only hosts file (low-prio) Add mirror(s) in case some papers/news are linked directly on blocked goverment pages (low-prio) Use external file for sources, reference and researches Create an external References.txt for all nessary spying information so people can directly link into it Utils TCPIPUTILS Robtex ZMap - The Internet Scanner IP Address Details (ipinfo.io) tracert nsa.gov, see how TRACERT command works ... others GlobalLeaks [Open-source anonymous whistleblowing software] Freedom Box DenyHosts Decode Your HTTP Traffic with Open Source Sysdig (sysdig.com) Courage Foundation Project History 30.01.2016 Video section added, official guidance from nsa.gov added + an section for future tips 15.09.2015 Seperate the into his own References.txt file (list was also updated) 04.09.2015 Added Ipv6 list, sort the test lists in his own cat. 02.09.2015 Added 'Snowden documents compilations' 19.08.2015 Added Backbone Providers and other involved services 18.08.2015 More domains added 7821 in total 16.08.2015 Removed some duplicates and added new domains, small Readme.md changes 15.08.2015 Created a new start page chef-koch.github.io/NSABlocklist 14.08.2015 Initial upload of the entire project and small Readme.md corrections Snowden documents compilations The NSA files | The Guardian Unofficial page to search E. Snowden leaked documents https://edwardsnowden.com/revelations/ Free Haven's Selected Papers in Anonymity http://cjfe.org/snowden https://github.com/nsa-observer/documents/tree/master/files/pdf https://www.aclu.org/nsa-documents-search http://freesnowden.is/category/revealed-documents/index.html NSA Spying | Electronic Frontier Foundation https://www.eff.org/deeplinks/2013/11/nsa-spying-primary-sources https://www.aclu.org/nsa-documents-released-public-june-2013 http://leaksource.wordpress.com/ https://fveydocs.org/ https://www.aclu.org/nsa-documents-search http://natsios-young.org/ https://nsa.imirhil.fr/ https://nsa.gov1.info/dni/ https://snowdenarchive.cjfe.org/ Providers AT&T helped to spy on an array of internet traffic | The New York Times & via ProPublica Telecom / T-Mobile Vodafone E-Plus / O2 Alphabet (Goolgle) 'Project Fi alias T-Com' [Apr. 2015, needs a special Fi SIM for Nexus 6 XT1103 only (atm)] Digital Ocean, Inc.s TM Net, Internet Service Provider REN Verizon TNG Spint easybell L8NT Charter Suddenlink Sprint Unicom (GFW) CERNET (GFW) Embarq .... Videos USENIX Enigma 2016 - NSA TAO Chief on Disrupting Nation State Hackers Tips directly from nsa.gov NSA IA Guidance incl. several pdf's. Backbone Providers AT&T ATM S.A. Cable & Wireless Global Crossing Comcast Cox Communications Sprint Nextel Level 3 / Level 2 / Level 1 NTT Communications SAVVIS Communications Net By Net Holding LLC Verizon Communications ATM-Telekom IBM ... Other services providers + social media platforms Facebook PushTalk / PalTalk MySpace Google Inc. alias Alphabet Amazon Microsoft Apple Wikipedia, well it's for all Automattic, Inc LLC Yahoo Twitter (FBI records) .... Spying systems XKeyscore PRISM ECHELON Carnivore MUSCULAR DISHFIRE STONEGHOST Tempora Frenchelon Active-Passive-Exfilration (APEX) Fairview MYSTIC Boundless Informant BULLRUN PINWALE Stingray TURMOIL / Turbulence Customer Proprietary Network Information / CPNI (metadata) - can be deactivated on Android 5.1+ and e.g. Fi networks Spying programs Traceroute "Packaged Goods" / "Treasure Map" VOIP: Hammerchant WEALTHYCLUSTER APEX COMSAT IRRITANT HORN (hijack's Google Play Store contained apps) HACIENDA .... Thanks goes to everyone which are fighting for www. security! Give spying no chance! https://github.com/CHEF-KOCH/NSABlocklist Link to comment Share on other sites More sharing options...
stylemessiah Posted April 9, 2017 Share Posted April 9, 2017 Time for the tinfoil hat, and breaking all the sites you use every day..... Im pretty sure the NSA doesnt still use the hosts and ip'sblocked, one would think they might have changed them since : Quote 2007 published Wikileaks documents and includes my own modifications from 2008, 2012, 2014 and 2015. Really youre just blocking stuff in the dark....and its a list at least a year old, mostly 2 years old If they really want to get to you, they will Some random dude on the interwebs is not going to be my messiah.... Maybe the reason it hasnt been updated is because the guy stopped watching Alex Jones.... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.