Abstract: I'm happy to announce 🎉 that zDNS is now a part of the OpenBLD.net project. It is a DNS server that can be used as a blackhole for malicious domains. It is a great addition to the OpenBLD.net project, and I'm excited to see how it will evolve in the future 🚀

Befor begin​

Following Zero Trust model practices, I recently wrote and am slowly beginning to introduce new “blackhole” functionality into the OpenBLD.net DNS ecosystem.

zDNS is a DNS server that puts security and control over DNS queries at the center. With new functionality, zDNS now supports regular expressions in hosts.txt files, allowing more flexibility in configuring allowed queries. Now you can use the power of regular expressions to precisely control permissions, including subdomains and patterns.

Main zDNS features​

• Denies all DNS queries by default
• Allows you to configure allowed requests through the hosts.txt file
• Uses balancing strategies to ensure reliable operation with DNS servers
• 🛠 Easily customizable via YAML configuration
• 🔜 Prometheus metrics coming soon..

Additional protection of your infrastructure or testing requests with zDNS is possible and may be useful to you! Download the latest version here and start using a DNS server with powerful customization options:

• https://github.com/m0zgen/zdns/tree/dev

Last week, last month, this year... I've been meeting and talking to different people, and they all echoed the same sentiment - IPv6 is needed 💯

A few days ago, I got acquainted with VEESP.com, a company that generously provided OpenBLD.net with an incredibly fast server featuring a high-speed Ethernet connection 🛞

Abstract: Usually, I spend some time testing servers, then assign them a secondary role before introducing them to the production environment. However, this time was different...

I was so impressed 😱 with the veesp.com server's speed that it practically flew into production almost immediately... )

I believe this is a great opportunity to start exploring the IPv6 space. In this month or early 2024, I hope we can begin experimenting with IPv6!

If you're ready to participate in the preliminary testing, please let me know through this OpenBLD.net Pre-Release Testing Form. I will reach out to you directly when the time comes, and together we can strive to make this world even better.

P.S. Thanks to veesp.com and everyone who gives incentive to take a step forward 🤝

OpenBLD.net — Next Stage to Growth with Google Chrome Extension as a part of OpenBLD.net ecosystem.

I named it as OpenBLD.net Blocker, and it is available for Google Chrome and Brave browsers (or any Chrome based browsers)

DNS Protection with a Twist​

OpenBLD.net's DNS service blocks ads, trackers, and malware through domain name filtering routines. However, some marketing services use JavaScript code embedded in URLs to deliver their content, bypassing domain-based blocking methods.

OpenBLD.net Blocker Extension - utilizes URL filtering routines to identify and block these evasive ads and trackers.

Key Features​

• Lightweight and efficient extension
• Complements OpenBLD.net service
• Adheres to Google Manifest V3 standards
• Operates without relying on third-party servers or data collection
• Free from any malicious or harmful activities

How to Install​

• Open OpenBLD.net Blocker extension page from Google Chrome Store
• In install it

After installation, you can see OpenBLD.net Blocker icon in your browser extension chrome://extensions/ section.

• Done ✅

Embrace Enhanced Security​

With the OpenBLD.net, you can enjoy a safer and more secure online experience. Setup OpenBLD.net in your browser today and experience the difference!

Upcoming Changes in OpenBLD.net​

As time progresses and the user base grows, server capacities are expanding, necessitating more servers and funds. However, the budget is already allocated and distributed.

In light of the above, some changes are planned for the architecture of OpenBLD.net:

• ADA (DNS 53): Disable everywhere except for the main two or three servers
• RIC (DNS 53): Eliminate DNS 53 on all RIC servers, leaving only - DoT, DoH.

In summary: DNS 53 will remain only in the ADA infrastructure.

Important: Please let me know if this may break something for you; we will think together about what can be done.

Anyone who can contribute to the OpenBLD.net project, please don't hesitate. You can find information on how to do this and the benefits you can expect here.

🤝 Thanks to everyone who has helped and continues to help. Blessings to you all!

🚀 Exciting October'23 Upgrades at OpenBLD.net! 🚀​

We're thrilled to unveil the latest enhancements in our OpenBLD.net ecosystem. Here's what's new:

• New Filtering Routine Server: Strengthening the core of OpenBLD.net with a brand new filtering routine server.
• Enhanced Performance: Boosted RAM and CPU power on select servers for even smoother operation.
• German Server Addition: Testing out a new server in Germany for ada.openbld.net frontend scoping.
• Rule Tweaks: Updated blocking rules to better combat abused IPs and CIDRs.
• Improved Resource Handling: Optimized performance for web resources like Krisha, IvI, and Yandex Maps.

🚫 Reducing Threats: We've successfully blocked Kazakhstan-associated YoroTrooper attacks and the threat of spying on your iPhone. Plus, we've thwarted Keepass faked malware.

📣 Stay Connected:

• Join our official Telegram channel: Link
• Follow us on LinkedIn: Link

OpenBLD.net is your go-to service for a cleaner, distraction-free online experience.

Help us make the internet a better place for all! 💪

How can you reduce the threat of spying on your iPhone?

iPhone owners can be hacked through iMessage with Operation Triangulation infection chain and you can reduce thich chain attack together with OpenBLD.net.

In short. Operation Triangulation infection chain: a device receives a malicious iMessage attachment that launches a chain of exploits, and their execution ultimately results in the launch of the TriangleDB implant. In more detail, the infection chain can be summarized with the following article.

Infection chain:

Now all chained domains added to OpenBLD.net ecosystem, and of course - be careful about what and from whom you receive in your iMessage 😎