Security via localhost

I know some of you run modified localhost files, so I wanted to get some feedback on this idea.

I'm thinking of localhost entries to block remote access software, typically the kind of stuff the "tech support" scams use. I'm a little worried my grandparents could fall for one of those scams so I want to see if I can block the most common software via localhost.

Trying to get a list together. thoughts?

Spoiler: hosts

Pretty much grabbing entries from here:
https://en.wikipedia.org/wiki/Comparison_of_remote_desktop_software

Code:

teamviewer.com              127.0.0.1
remotedesktop.google.com    127.0.0.1
remoteutilities.com         127.0.0.1
getscreen.me                 127.0.0.1
uvnc.com                    127.0.0.1
distantdesktop.com            127.0.0.1
anydesk.com                    127.0.0.1
aeroadmin.com                127.0.0.1
iperiusremote.com            127.0.0.1
zoho.com                    127.0.0.1
litemanager.com                127.0.0.1
showmypc.com                127.0.0.1
nchsoftware.com                127.0.0.1
beamyourscreen.com            127.0.0.1
logmein.com                    127.0.0.1
gotoassist.com                127.0.0.1
ammyy.com                    127.0.0.1
anywherets.com                127.0.0.1

 

You could run as raspberry pi with PiHole and block the domains that way, as window can compile with modified host files.

Using PiHole is how I block most stuff and I block quite a lot. To the stage that I have to use mobile internet to sign into my bank accounts now a days as on both main and guest networks I run have

Scam/pishing sites blocked.
Gambling/porn sites blocked.
Telemetry blocked.
Malware sites blocked.
Ads blocked.
Phone homes blocked for smart devices etc.

Yes it's a pain however it's a secure network. I set it up so far that guest networks DNS is my own DNS server that DoH's requests yet to do that on main.

Then using a raspberry pi you can set it up to be a remote access system too.


Sent from my SNE-LX1 using Tapatalk

 

That's a good idea. I'd also like to set something similar to that on my home network, but more than just adblocking. Currently looking at pihole, pfsense, untangle, firewalla.

 

I personally use PiHole via a Docker containers with a 3,772,262 domains blocklist and some manual allowlist and blocklist to add others. All this is ran on a X86 J4105 Seeed Odyssey Proxmox server which hosts the Portainer.io Virtual Machine.

Using Ad Blocker Test (d3ward.github.io) as a test i have a 98%-100% blocked rate and to make sure if others on the network hit a false positive, i also run PiPass which is a Frontend Webpage Blocker which shows if the site is blocked and allows for a temp unlock of the domain for 1 hour and to request the domain to be unlocked permanently.

As i am able to Winscp if you need the adlist set i use i can share it with you, else i can help you install pihole5-list-tool which will allow you to get the same list minus my custom addons.

If you use a Raspi with Portainer.Io you can then make not only the Pihole DNS server(s) but also a Recursive DNS which comes in handy. You can also then use the Raspi as a remote in station too there is software out there that will allow you to do this in docker containers such an example is Apache Guacamole which is a web browser VNC SSH RDP relay.