views:

833

answers:

4

The Google Safe Browsing API allows for URLs to be checked against Google's database of malware and phishing domains. However, on the Developer's Guide page, it says that the API is experimental and the data format is likely to change.

Although I have had good experiences with a number of Google's APIs in the past, they have all been fairly stable. I don't think I'm willing to use an experimental API in my project, so I'm looking for an alternative.

+2  A: 

You could build your own locally-cached black list. If something comes back as bad from the Google API add it to your own local cache otherwise you can test it yourself.

Onorio Catenacci
That's still relying on the Google API. If it changes, I won't be able to generate a black list anymore.
Thomas Owens
No... it uses the GoogleAPI to keep a central cache up to date. If google changes things you can fix them at a central location rather than have to fix all copies of the code.
epochwolf
But I don't want to use an unstable Google API *at all*.
Thomas Owens
@epochwolf-- :-) Exactly.
Onorio Catenacci
@Thomas Owens--exactly how unstable would you expect _any_ Google API to be? I mean you said it yourself--the Google API's tend to be pretty stable. So why avoid an API on the slim possibility that you may have to change code some day. Show me working code that doesn't _ever_ have to be changed :-)
Onorio Catenacci
+3  A: 

There are a number of DNS blacklists available. See this page for background information on blacklists.

Bill the Lizard
Do you have any experiences or recommendations? I'll start looking, but there are a lot of choices, so anything to eliminate one or move one closer to the top of the list would be great.
Thomas Owens
I run several filter servers using the DansGuardian proxy. The best blacklists I've found are at: http://urlblacklist.com/
Steve Moyer
+1  A: 

BrightCloud just released an API for URL classification that is more comprehensive than the Google Safe Browsing API - it does cost money but it's cheap. In addition to categories like "Adult" and "Gambling" it also has security oriented categories like phishing, malware, and spam.

The full list of categories is here: http://brightcloud.com/masterdburllist.asp

Chris Harris
+1  A: 

Opera, a popular desktop / mobile browser, uses Netcraft (a paid service) - http://news.netcraft.com/phishing-site-feed/ - and PhishTank (a free service) - http://www.phishtank.com/ - to detect dangerous URLs. Netcraft offers a 'Phishing Site Feed' and PhishTank has an API.

Sam