Skip to content

Instantly share code, notes, and snippets.

@13Cubed
Last active Oct 23, 2020
Embed
What would you like to do?
Download DNS adware and malware blacklists in BIND format and add them to a blacklist zone file. This is a modified version of the script from Paul's Security Weekly (http://wiki.securityweekly.com/wiki/index.php/Episode472).
#!/bin/bash
HOME=/var/named
ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext"
MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones"
ADLISTFILE=/tmp/adlistfile
MWLISTFILE=/tmp/mwlistfile
# Download newest blacklists
curl -s -o $ADLISTFILE $ADLISTURL
curl -s -o $MWLISTFILE $MWLISTURL
# Remove lines with comments
sed -i '/\/\// d' $ADLISTFILE $MWLISTFILE
# Remove empty lines
sed -i '/^$/ d' $ADLISTFILE $MWLISTFILE
# Remove ^M carriage-returns
sed -i 's/^M$//' $ADLISTFILE $MWLISTFILE
# Remove any domains with underscores, as this is an invalid character
sed -i '/_/ d' $ADLISTFILE $MWLISTFILE
# Clean-up zones and write blacklist file
awk '{ print $1 " " $2 " { type master; file \"/var/named/null.zone\"; };" }' $ADLISTFILE $MWLISTFILE | sort | uniq > $HOME/blacklist.zone
# Remove temporary files
rm -f $ADLISTFILE $MWLISTFILE
# Fix permissions
chown root:named $HOME/blacklist.zone
# Restart BIND
systemctl restart named.service
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment