/ DEV & OPS

DNSMasq Antiwalware

unsplash-logoDaniil Silantev

Fun stuff

Malware and fraud site prevention using DNSMasq. Uses this excellent regularly updated hosts file (Recommended!), all on github. A link to my little script is referenced in the Readme on there, I have a link below if you just want to jump quickly to the gist.

DNSMasq conversion script

My github gist has a short shell script (bash, will work on any ‘nix) and uses ‘wget’ & ‘awk’ present in most distros, to fetch a specified hosts file and convert it the format required by dnsmasq. Supports ipv4 and ipv6. Designed to be used as either a shell script, or can be dropped into /etc/cron.weekly (or wherever suits). Script is short and easily edited, also has a short document attached with notes on dnsmasq setup.

  • more detail to follow, including a more advanced DNScrypt + DNSsec variant which I use. It uses the above setup with an added layer of security. Goodbye dns poisining.