1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="chrome=1">
<title>NSAblocklist by CHEF-KOCH</title>
<link rel="stylesheet" href="stylesheets/styles.css">
<link rel="stylesheet" href="stylesheets/github-dark.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>
<script src="javascripts/main.js"></script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
</head>
<body>
<header>
<h1>NSAblocklist</h1>
<p>HOSTS file to block all known NSA / GCHQ / C.I.A. / F.B.I. spying servers</p>
</header>
<div id="banner">
<span id="logo"></span>
<a href="https://github.com/CHEF-KOCH/NSABlocklist" class="button fork"><strong>View On GitHub</strong></a>
<div class="downloads">
<span>Downloads:</span>
<ul>
<li><a href="https://github.com/CHEF-KOCH/NSABlocklist/zipball/master" class="button">ZIP</a></li>
<li><a href="https://github.com/CHEF-KOCH/NSABlocklist/tarball/master" class="button">TAR</a></li>
</ul>
</div>
</div><!-- end banner -->
<div class="wrapper">
<nav>
<ul></ul>
</nav>
<section>
<p>NSABlocklist© file original created under the MITM license 2015 by <a href="https://github.com/CHEF-KOCH">CHEF-KOCH</a>.</p>
<h2>
<a id="description" class="anchor" href="#description" aria-hidden="true"><span class="octicon octicon-link"></span></a>Description:</h2>
<p>This isn't yet another <a href="https://en.wikipedia.org/wiki/Hosts_(file)">hosts file</a> or <a href="https://en.wikipedia.org/wiki/DNSBL">DNSBL</a> that claims to secure the web, it's specially designed to <em>stop</em> known NSA / GCHQ / C.I.A. or F.B.I. servers from beeing connecting to you without permission. The list is not designed to block common malware, spyware or anything that is already avaible on the net via a proper designed hosts for such case. This hosts or the super ranges lists could block some of your sites/servers you may need, so you'll be warned!</p>
<p>My list is original based on 2007 published Wikileaks documents and includes my own modifications.</p>
<h2>
<a id="this-project-includes" class="anchor" href="#this-project-includes" aria-hidden="true"><span class="octicon octicon-link"></span></a>This project includes</h2>
<ul>
<li>An '<a href="https://github.com/CHEF-KOCH/NSABlocklist/blob/master/HOSTS.txt">HOSTS.txt</a>' file that includes all Servers/DNS domains that are known to be NSA or GCHQ involved. The confirmation is given on the <em>Research</em> link at the bottom.</li>
<li>An '<a href="https://github.com/CHEF-KOCH/NSABlocklist/blob/master/Super%20Ranges.txt">Super Ranges.txt</a>' file which includes a list of known IP ranges that are compromised (be careful with that!).</li>
<li>An '<a href="https://github.com/CHEF-KOCH/NSABlocklist/blob/master/LICENSE">LICENSE</a>' File to shows the MITM license.</li>
<li>The '<a href="https://github.com/CHEF-KOCH/NSABlocklist/blob/master/README.md">README</a>' (this) file that includes the latest news, updates and explanations,...</li>
<li>An '<a href="https://github.com/CHEF-KOCH/NSABlocklist/blob/master/problematic.txt">problematic.txt</a>' file wich includes DNS/PTRs that are possible problematic for you. </li>
</ul>
<h2>
<a id="important-notice" class="anchor" href="#important-notice" aria-hidden="true"><span class="octicon octicon-link"></span></a>Important Notice</h2>
<ul>
<li>A true list of compromised IPs would list the entire Internet, then on to the fuller range open mouth blabbering of blogs, email, chat rooms, texting, aided and abetted by the world's telecoms, postal services, and, most reliably, bedroom murmurings.</li>
<li>I do not accept donations, I'm not doing this because I want $$money or hype I'm doing this because I didn't found a proper list on the whole internet and of course I want to share my knowledge for free. I always think that such information should be available for everyone on the world.</li>
</ul>
<h2>
<a id="do-you-hate-the-nsa-or-other-agencies" class="anchor" href="#do-you-hate-the-nsa-or-other-agencies" aria-hidden="true"><span class="octicon octicon-link"></span></a>Do you hate the NSA or other agencies?</h2>
<ul>
<li>I do not <em>hate</em> the NSA or other agencies but I really don't like that everyone is automatically under the microscope and of course that there is no opt-out or transparency excpect lies and more lies (and some excuses ...yeah, we are doing this because terrorism, go f$ck yourself with such statements!)</li>
<li>Everyone have something to hide, passwords, privat data, accounts, ....</li>
</ul>
<h2>
<a id="known-problems-hosts-file-cant-fix" class="anchor" href="#known-problems-hosts-file-cant-fix" aria-hidden="true"><span class="octicon octicon-link"></span></a>Known problems hosts file can't fix</h2>
<ul>
<li>An hosts file is no guarantee, if the NSA is already in your system it's already to late.</li>
<li>HOSTS files are no guarantee that the NSA or any other attacker/organization could simply bypass it via 0day or other vulnerabilitys on your system/router.</li>
<li>HOSTS files can't protect against attacks directly on/in the hardware, e.g. if the router is already compromised or comes with backdoors this list will be easily bypassed anyway.</li>
<li>Due the complex of the entire file I can't explain every single IP or PTR record.</li>
<li>The hosts file may present an attack vector for malicious software because the file could be modified to redirect the entire traffic e.g. adware or trojans can do this. Ensure that the file was marked as read-only and you're not logged in as adminstrator. </li>
</ul>
<h2>
<a id="todo" class="anchor" href="#todo" aria-hidden="true"><span class="octicon octicon-link"></span></a>ToDo:</h2>
<ul>
<li>[ ] Fix Readme.md, typos, grammar,...
<ul>
<li>[ ] Maybe sort the hosts list alphabetically</li>
<li>[ ] Maybe add an seperate hosts file for MS, Apple, Google (if someone ask for it) </li>
<li>[ ] Maybe monthly updates?</li>
</ul>
</li>
<li>[ ] Find invalid entries or domains that aren't online anymore (high-prio)</li>
<li>[ ] Fix/merge all reported <a href="https://github.com/CHEF-KOCH/NSABlocklist/issues">issues</a>
<ul>
<li>[ ] Add explanation how to identify compromised domains/DNS</li>
<li>[ ] Add solutions to e.g. secure DNS via DNSCrypt/DANE</li>
</ul>
</li>
</ul>
<h2>
<a id="project-history" class="anchor" href="#project-history" aria-hidden="true"><span class="octicon octicon-link"></span></a>Project History</h2>
<ul>
<li>[x] 14.08.2015 initial upload of the entire project and small Readme.md corrections</li>
</ul>
<h2>
<a id="research" class="anchor" href="#research" aria-hidden="true"><span class="octicon octicon-link"></span></a>Research</h2>
<ul>
<li><a href="http://cryptome.info/0001/ip-tla.htm">Cryptome</a></li>
<li><a href="http://33bits.org/">33bits</a></li>
<li><a href="http://randomwalker.info/web-privacy/">Randomtalker web-privacy</a></li>
<li><a href="http://freehaven.net/anonbib/">Free Haven's Selected Papers in Anonymity</a></li>
<li><a href="https://www.eff.org/de/nsa-spying">NSA Spying | Electronic Frontier Foundation</a></li>
<li><a href="https://mobilesecuritywiki.com/">Mobile Security Wiki | mobilesecuritywiki.com</a></li>
<li><a href="https://www.hackread.com/here-is-a-list-of-urls-used-by-the-nsa-to-install-malware-on-pcs-worldwide/">Researcher at Kaspersky Labs have discovered a list of domains used by the NSA to install malware on victim's PC around the world.</a></li>
<li><a href="http://www.businessinsider.com/nsa-prism-keywords-for-domestic-spying-2013-6?IR=T">NSA PRISM Keywords For Domestic Spying - Business Insider</a></li>
<li><a href="https://github.com/pyllyukko/user.js">Hardened user.js for Firefox to stop data leackage</a></li>
</ul>
<p><strong>Thanks goes to everyone which fights for www security! Give spying no chance!</strong></p>
</section>
<footer>
<p>Project maintained by <a href="https://github.com/CHEF-KOCH">CHEF-KOCH</a></p>
<p><small>Hosted on GitHub Pages — Theme by <a href="https://twitter.com/michigangraham">mattgraham</a></small></p>
</footer>
</div>
<!--[if !IE]><script>fixScale(document);</script><![endif]-->
</body>
</html>
|