Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

OpenBL: A website blacklist for improving firewall performance

A free website blacklist like OpenBL can help enterprise security organizations improve firewall performance -- at least temporarily.

My organization's security budget is strapped, but we still need to improve our firewall performance. I've read...

that free blacklists can be used along with firewall data to spot otherwise unnoticed attacks. Is this true? What should organizations look for in a free website blacklist?

Ask the Expert

Have questions about enterprise security? Send them via email today! (All questions are anonymous.)

In short, yes, this is true. If your organization's firewall is behind the times, or if you simply don't have the manpower to devote to the proper maintenance of the firewall, a temporary work-around is to utilize your firewall in conjunction with an open source website blacklist.

A good example of this is the OpenBL project. The way this works is that a firewall must maintain some sort of updated connectivity with the open source blacklist infrastructure and allow for the downloading of known nefarious URLs and IPs. This amounts to a very cheap way of keeping your firewall updated. What should be stressed here is the fact that this should never be viewed as a permanent solution to professional firewall maintenance. This technique should be considered temporary or an add-on to an already robust firewall infrastructure.

In terms of what to look for, that's a very difficult question to answer, as there are many ways that this can backfire on your organization. For example, it wouldn't be that hard for an attacker to configure a "free blacklist" website that begins to feed your firewall a long list of valid websites that are frequented by your organization's end users -- effectively using your own firewall as a mini denial-of-service tool. Therefore, when choosing a free blacklist website, go by overall reputation. As mentioned above, the OpenBL project has a fairly honest reputation, and you can rest assured that the list of nefarious sites that it feeds your firewall infrastructure are legitimately bad sites.

This was last published in November 2013

Dig Deeper on Network device security: Appliances, firewalls and switches

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.