diff --git a/source/manual/aliases.rst b/source/manual/aliases.rst index 29c401be..cdf1b554 100644 --- a/source/manual/aliases.rst +++ b/source/manual/aliases.rst @@ -154,14 +154,6 @@ Then concatenate both by defining a new list: The end result will be a list with all ip addresses in one alias list (servers). -------- -GeoIP's -------- -While it is possible to use geoIP lists in aliases by importing or using the url -feature, OPNsense has a much more advanced way of blocking or allowing traffic based -on the geographical location (country) by utilizing the netmap enabled -:doc:`ips` see also :doc:`how-tos/ips-geoip` - ------------------------------ Configure DROP and EDROP lists ------------------------------ diff --git a/source/manual/ips.rst b/source/manual/ips.rst index cb022651..e1d60708 100644 --- a/source/manual/ips.rst +++ b/source/manual/ips.rst @@ -32,7 +32,7 @@ a list of "bad" SSL certificates identified by abuse.ch to be associated with malware or botnet activities. SSLBL relies on SHA1 fingerprints of malicious SSL certificates and offers various blacklists. -See fore details: https://sslbl.abuse.ch/ +See for details: https://sslbl.abuse.ch/ Feodo Tracker ------------- @@ -57,6 +57,13 @@ Feodo (also known as Cridex or Bugat) is a Trojan used to commit ebanking fraud See for details: https://feodotracker.abuse.ch/ +URLHaus List +------------- +With OPNsense version 18.1.7 we inroduced the URLHaus List from abuse.ch which collects +compromised sites distributing malware. + +See for details: https://urlhaus.abuse.ch/ + ------------------------ Maxmind GeoLite2 Country ------------------------ 
@@ -74,6 +81,15 @@ Finger Printing OPNsense includes a very polished solution to block protected sites based on their SSL fingerprint. +------------------- +App detection rules +------------------- +With OPNsense version 18.1.11 we introduced the app detection ruleset. +Since about 80 percent of traffic are web applications these rules are focused on +blocking web services and the URLs behind them. + +If you want to contribute to the ruleset see: https://github.com/opnsense/rules + -------- How-to's --------
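
Review bot: the removal of the "GeoIP's" section in source/manual/aliases.rst leaves nothing in this patch that points readers of the aliases page to :doc:`ips` or :doc:`how-tos/ips-geoip`. If GeoIP is now meant to be handled through aliases, add the replacement text in the same change; if not, keep a one-line cross-reference so the how-to remains reachable from this page.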
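
Review bot: the added "URLHaus List" paragraph in source/manual/ips.rst (hunk @@ -57,6 +57,13 @@) contains a typo, "inroduced" should be "introduced". The heading underline is also one dash longer than the 12-character title, while the neighbouring "Feodo Tracker" underline matches its title length; trimming it keeps the section headings consistent. It would also help to say in one sentence what enabling the list does in the IPS, since "collects compromised sites distributing malware" describes the feed, not the rule behaviour.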
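
Review bot: in the "App detection rules" hunk (@@ -74,6 +81,15 @@), the sentence "Since about 80 percent of traffic are web applications" states a figure with no source and has a subject-verb mismatch. Either cite where the number comes from or drop it, and reword to something like "Since most traffic is web application traffic, these rules focus on blocking web services and the URLs behind them." A comma before "see:" in the contribution line would also read better.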