Malware blocklist package?

Can anybody recommend a package/tool that will automatically block DNS requests to malware domains, C&C etc based on some publish list?

I see that some of the Adblock packages may allow this to work, but would like to know if anybody is using something specific to malware?

There are Malware specific Adblock lists :

1 Like

Thank you. I've gone with the adblock option plus Openflare DNS malware block. It seems many of the blocklists for malware that adblock is using are 6 months to 2 years old sadly.

Are you running the most recent version of OpenWrt/Adblock?

OpenWRT: 19.07.4
Adblock: 4.0.6

Seem fairly recent ....

Can you assist me with Openflare, I don't seem to find and would like to consider also...

Apologies, I mean to write CloudFlare DNS. Details are here, They offer a malware only filtering address ...details here:

1 Like

Thanks, I didn't realize, but my secondary DNS was already there. So now I configured primary and secondary as per below :

Furthermore, I agree that the Adblock Malware specific lists seem quite obsolete, dating over 2 years ago.

This leads to a false sense of security, a lot happens in a period of two years, this is like running unpached for 2 years... Unthinkable !

Surely there must be a solution to this issue ?

1 Like

The block lists I receive are up to date. This is why I didn't respond. Feel free to ask in the Adblock support thread if you disagree.

I don't dispute that block lists in general are up to date, but if you follow the link I posted earler, the 2 malware specific links point to very obsolete lists, am I wrong in that assessment ?

1 Like

The two list sources with "malware" in their names have the following time stamps:



I can't see any issue here. Said that, just use other lists/sources if you are not satisfied with the selection or the update frequency. Most of the "general" lists are also includes malware sites - it's up to you to find the "best" sources, derived from your personal surfing behaviour.


You are not wrong, Some of the lists are over 2 years old, especially the malware ones. Even the one dibdot pointed to is 10 months old. In the world of rapidly moving malware I think this is going to give some protection but certainly to offer protection from the latest malware campaigns.

Perhaps the block list approach is not right for that kind of protection. As with all things security, it's best provided with multiple layers.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.