Domain: malwareurl.com
Stories and comments across the archive that link to malwareurl.com.
Comments · 43
-
Re:obligatory cutesy name
Yep, CloudFlare is spraying supposedly TLS-encrypted data all over the internet in clear text?! What the fuck!? I almost want to laugh at CloudFlare's misfortune, except every internet user including me is probably affected by this. What the hell is the point of HTTPS at all, when so much HTTPS traffic is being purposely MITM'd for profit by CloudFlare? A very large part of the web is living under their leaky roof, meantime many in the professional networking community encourage this and help implement it. Again I ask what the fuck!? The whole company smells more like a CIA operation as time goes on.
CLOUDFLARE IS UNDERMINING THE INTERNET, not to mention proudly serving ISIS terrorist websites, malware distributors, and DDoSers/Booters. They should be null routed and de-peered!
-
How about targeting the source?
Busting a few users sounds like the same failure that is the War On Drugs. They should go after the purveyors of these DDoS/stresser/booter services. Check out this recent list of them, all serviced by CloudFlare in the last year. This is who they need to arrest.
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers and the FBI loves CloudFlare. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
-
Piracy should be the least of their concerns
CloudFlare has many criminal customers. Check out this recent list of DDoS/"Stresser"/"Booter" websites serviced by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:Admission
It's a shame they won't admit to being a big part of the problem.
CloudFlare has many criminal customers. Check out this recent list of DDoS/"Stresser"/"Booter" websites serviced by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:I wonder how well..
It's very possible that CloudFlare is hosting the people who are responsible for the attacks against Krebs.
CloudFlare has many criminal customers. Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:Story's Not Over
I wouldn't be surprised if CloudFlare is already hosting the people behind the DDoS attack.
CloudFlare has many criminal customers. Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Look who's talking
CloudFlare has many criminal customers.
Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Is this a CLOUDFLARE CRIMINAL issue?
vDOS? Like vdos-s.com?
CloudFlare has many criminal customers. Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:Slashdot summary isn't great, it's "DDoS decade
CloudFlare is hosting many of these DDoS services to start with, including the one in this article. Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:Cloudflare = criminals
Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
Re:Slashdot, fix your data:text/html;base64 ad spa
FYI it decodes to the following:
<!DOCTYPE html><html><head><meta name="viewport" content="width=device-width, user-scalable=false, initial-scale=1.0, maximum-scale=1.0"></head><body><div id="ifrm" style="padding:0; margin:0;"><iframe src="https://s3.amazonaws.com/www.aotq4jgqy9n71.info/US/k3j4j324324llll1111.html" style="top:0; left:0; width:100%; height:100%; position: absolute; border:0" scrolling="yes" allowFullScreen="yes"></iframe></div></body></html>
"www.aotq4jgqy9n71.info" sure sounds like a totally reputable advertiser! Loading the page, it appears to be a scam claiming I won a free iPhone. They're illegally misappropriating a few Facebook trademarks. Answering the survey questions, I can reserve my free new iPhone by clicking a link to:
http://qswotrk.com/mt/03644364...
That redirects through a few different servers, ultimately landing me at:
http://www.onlinelectronicsusa...
If these ads are really being served by Slashdot, that's pretty fucking shady. As a bonus, I wonder who's hosting these scammers?
$ host onlinelectronicsusa.com
onlinelectronicsusa.com has address 104.28.31.128
onlinelectronicsusa.com has address 104.28.30.128
Oh, surprise surprise!
NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
If CloudFlare would stop providing bulletproof hosting for criminals and spammers, the internet would be a better place. But CloudFlare apparently loves its criminal customers. DDoS purveyors, terrorist websites, malware distributors, CloudFlare seems to welcome them all to its hive of scum and villainy. Maybe it's time to revive the concept of the Usenet Death Penalty and apply it to all traffic to and from CloudFlare. They're the sewer of the internet and should be null routed and de-peered.
See also: CloudFlare Watch
-
When it comes to pwnage
When it comes to pwnage, Microsoft is on top. I get more abusive traffic like SSH and SASL probes out of Azure IP space than any other source by a large margin. AWS used to be pretty bad but they got their act (mostly) together last year. Microsoft's Azure reporting form must be a black hole and it seems like their whole cloud must be rooted by bots.
-
Re:Ask yourselves these questions... apk
From 12 reputable & reliable known sources in the security community.
APK
P.S.=> http://hosts-file.net/hphosts-...
http://hosts-file.net/ad_serve...
http://mirror1.malwaredomains....
http://someonewhocares.org/hos...
http://www.malwaredomainlist.c...
http://winhelp2002.mvps.org/ho...
http://www.malwareurl.com/
http://www.malware.com.br/cgi/...
http://hostsfile.org/Downloads...
http://hostsfile.mine.nu/hosts...
http://pgl.yoyo.org/as/serverl...
... apk
-
Tell you what: THESE *may* help... apk
They CAN function as decent indicators (provided this isn't some "brand new" site they haven't tested):
http://safeweb.norton.com/buzz
http://www.siteadvisor.com/
http://wepawet.iseclab.org/
http://www.mywot.com/en/commun...
http://www.virustotal.com/
http://www.mcafee.com/us/mcafe...
http://www.malwareurl.com/list...
http://cbl.abuseat.org/lookup....
http://www.threatstop.com/chec...
http://www.avgthreatlabs.com/s...
* You can run sites OR IP Addresses thru them to check *ANY* sites you wish that you're unsure of... enjoy!
APK
P.S.=> In fact, I built hooks into those into this application of mine (in its "Site Checkers" menu, pictured below) that allows users of my APK Hosts File Engine 9.0++ 32/84-bit-> http://start64.com/index.php?o... to answer the SAME basic question you have - in case they wish to remove any sites blocked in the hosts file data imported, these sites give them a FAR MORE DECENT INDICATOR than mere "word-of-mouth"... apk
-
Agreed, 110% (unfortunately)... apk
The reason I state this, is because I've been building up a successful blacklist (albeit NOT vs. "spam" or phishers only, but more vs. online threats in maliciously scripted sites &/or servers known to serve up malware etc.):
Yes, thus - I'd have to say, based on 15++ yrs. of experience doing it (based on reputable & reliable sites listed below) that yes, MOST of it comes from those nations (& that's why I said "unfortunately" in my subject-line - since I know their people are NOT "all bad", just that they have a lot of what you state going on).
I base this not only on "opinion" but HARD DATA too!
From a list I apply in custom hosts files of over 1,967,147 such bogus sites/servers that grows by almost 200 - 2,000 such sites each day, approximately (that *might* strike some of you as "fantastic", but it's real)... I get my data from the following sites:
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://winhelp2002.mvps.org/hosts.htm
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://safeweb.norton.com/noscript/
http://mirror1.malwaredomains.com/files/
http://hostsfile.org/hosts.html
http://www.malwareurl.com/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://www.safer-networking.org/dl/
http://amada.abuse.ch/palevotracker.php
AND, then I import, consolidate, sort, & deduplicate that data using this application I wrote to do so:
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
Why? Simple - it works, & on the SIMPLEST PRINCIPLE OF ALL: What you can't touch, can't hurt you... & I never was the type of person to just "sit around & take it" - I do something about it, IF possible. The above IS my possible, and it is possible & works (in combination with all I put into this security guide I authored from 1997-2007, here -> http://www.google.com/search?hl=en&output=search&sclient=psy-ab&q=%22How+to+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=PjNrUcDVGpSz4AOJuIHQDQ that works on the BEST THING WE HAVE GOING: "Layered-Security"/"Defense-in-Depth"... & yes, it works! )
APK
P.S.=> Any questions?
... apk
-
I do pretty much the same here... apk
Except I completely control it locally @ the fastest level of operations possible (the TCP/IP stack running in PnP designed kernelmode/rpl 0/ring 0 operations) as a filter:
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
(What custom hosts files do for me in added value for better speed, security, reliability, & even anonymity to an extent is listed there in 16 discrete points...)
* "Auto-Magically" populating & creating a custom hosts file from 14++ reputable & reliable sources for data for protecting vs. known malicious sites/servers/hosts-domains:
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://mirror1.malwaredomains.com/files/
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
http://www.malwareurl.com/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://winhelp2002.mvps.org/hosts.htm
http://hostsfile.mine.nu/downloads/
http://safeweb.norton.com/buzz
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
http://amada.abuse.ch/palevotracker.php
APK
P.S.=> Best part is, it's not only of value for security, but also for added:
---
1.) Speed (via blocking adbanners as well as bogus sites online, but also via "hardcoding" your favorite sites into it for FASTER IP address resolution locally than from remote DNS servers (which have faults in them, many of which remain unpatched vs. the Kaminsky DNS redirection poisoning flaw, 1/2 a decade++ later AFTER its discovery -> )
2.) Reliability (vs. said unpatched flaw above OR downed remote DNS servers)
3.) To an extent, anonymity (vs. DNS request logs)
---
... apk
-
Good one: Here's more... apk
Sources for custom hosts file data for a myriad of purposes, all listed here (which THIS VERY PROGRAM uses):
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
SOURCES IT USES FOR CUSTOM HOSTS FILE DATA INTAKE:
http://safeweb.norton.com/buzz
http://hosts-file.net/?s=Download
http://hostsfile.org/hosts.html
http://winhelp2002.mvps.org/hosts.htm
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=all
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://hostsfile.mine.nu/downloads/
---
* HOWEVER: You don't NEED TO KNOW THAT, since the program above uses most all of those sources listed above, & does the work for you, of - Import, Deduplicate & Filter/Normalize + Convert blocking address format used, Speed up hardcoded favorites (which ARE what can solve redirection problems in DNS & most likely here too with facebook mind you), & Save to hosts itself... from those very reliable & reputable sources for custom hosts file data online!
APK
P.S.=> Enjoy if you use the program I wrote above, & good on your part to see here that you have enough sense to take advantage of custom hosts files for better online speed, security, reliability, & of course, even better anonymity (to an extent, vs. DNS request logs OR vs. DNSBL's you may not like too)...
... apk
-
Re:Let's see if this works
Jorge, you can name me all you want, but there is no shame in using a hosts file to block DDoS Packets. I have a foolproof list that blows away your arguments.
P.S.=> There's other methods also, via native to OS tools for network-wide propagation of fresh clean updated hosts files that program yields IF you only installed it on a "central server" for clean hosts for all nodes/workstations/servers:
I.E.-> Centrally managed hosts files? Easy as pie via logons scripts, or parse of autoexec in Windows @ bootup via GPEdit & group policies company-wide!
OR
Using taskscheduler on each workstation/server node periodically
P.P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.apkgoatsestylepersonalpics.com/hostsfiles.htm
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)
Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!
... apk
P.P.P.P.S.=> There you go... it all works, GUI easily from my app, all the way out to any endpoint PC/Server on a LAN/WAN even... often as you like & CLEAN/FRESH too!
P.P.P.P.P.S=> It's good "layered-security"/"defense-in-depth" & does things AdBlock, DNS, & even firewalls can't (like speed up access to fav. sites + make them reliable in the event of DNS poisoning redirects or being "downed" even...) & gets P.P.P.P.P.P.S.=> back SPEED/BANDWIDTH users pay for out of pocket along with their POWER BILL too...
P.P.P.P.P.P.P.S.=> I skipped P.P.P.S=>
-
Re:Upgrades do suck
DO THE FOLLOWING (after obtaining a good reputable solid HOSTS file, like mvps' -> http://www.mvps.org/winhelp2002/hosts.htm
---
1.) Get ahold of the "Android Debugging Bridge" (ADB) & install it
2.) Mount your system mountpoint as READ + WRITE (as powerful of privileges as you need is this)
3.) Using the PULL command, copy the file over from your PC (or even on your ANDROID if it's there already) using PULL & overwrite the etc. folder's copy of HOSTS
---
* DONE!
(Yes, it's THAT simple vs. hosts-domain based threats which ARE THE MAJORITY OF THEM OUT THERE (because hosts-domain names are recyclable unlike IP addresses)... &, it works - you CAN'T be burned if you can't go into the malware kitchen!)
APK
P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)
Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!
... apk
-
I defend against disk corruption with HOSTS files
DO THE FOLLOWING -- obtain a good reputable solid HOSTS file, like mvps' -> http://www.mvps.org/winhelp2002/hosts.htm
* DONE!
(Yes, it's THAT simple vs. hosts-domain based threats which ARE THE MAJORITY OF THEM OUT THERE (because hosts-domain names are recyclable unlike IP addresses)... &, it works - you CAN'T be burned if you can't go into the malware kitchen!) No more malware, no disk corruption!
This concept & technique is VERY simple to understand, as far as how to install a custom HOSTS file, how to get data to populate it (& if need be? An Access import & "SELECT * DISTINCT FROM (tablename) ORDER BY ASC" type query & export can do the deduplication/normalization end even).
E.G.-> I've taught it to people who have NO CLUE in computing in fact, & they took to it like ducks to water - especially custom editing their custom HOSTS file with text editors once they understand what speeds them up (hardcodes) & secures them + how, by blocking out bogus sites/servers!
(And? Heck - They ought to like it & take to them fast! Especially considering a custom HOSTS file acts as a security layer AND more-or-less, an "online turbocharger" for speed too, for free! You already own one anyhow, with any OS that uses a BSD based IP stack (which IS most))...
P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)
Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!
... apk
-
I defend ANDROID smartphones w/ HOSTS files
DO THE FOLLOWING (after obtaining a good reputable solid HOSTS file, like mvps' -> http://www.mvps.org/winhelp2002/hosts.htm
---
1.) Get ahold of the "Android Debugging Bridge" (ADB) & install it
2.) Mount your system mountpoint as READ + WRITE (as powerful of privileges as you need is this)
3.) Using the PULL command, copy the file over from your PC (or even on your ANDROID if it's there already) using PULL & overwrite the etc. folder's copy of HOSTS
---
* DONE!
(Yes, it's THAT simple vs. hosts-domain based threats which ARE THE MAJORITY OF THEM OUT THERE (because hosts-domain names are recyclable unlike IP addresses)... &, it works - you CAN'T be burned if you can't go into the malware kitchen!)
APK
P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)
Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!
... apk
-
Glad it's working 4U (you'll like this I think)
Based on your success using a HOSTS file for added speed - you can also get more "layered-security"/"defense-in-depth" added as well, & here are some of the sites I use online to populate my HOSTS file vs. various online threats (all current, updated regularly, & reputable):
http://hosts-file.net/?s=Download
http://winhelp2002.mvps.org/hosts.htm
http://someonewhocares.org/hosts/
http://www.malwaredomainlist.com/hostslist/hosts.txt
https://spyeyetracker.abuse.ch/monitor.php
https://zeustracker.abuse.ch/monitor.php?filter=all
http://amada.abuse.ch/palevotracker.php
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://www.safer-networking.org/en/download/
http://www.malwareurl.com/
http://mirror1.malwaredomains.com/files/
http://hostsfile.org/hosts.html
http://doc.emergingthreats.net/bin/view/Main/HoneywallSamples
* There you go - that'll "get you started" on the road to not only FASTER websurfing, but also SAFER websurfing as well...
APK
P.S.=> Now, as far as "integrating" them into your HOSTS file?
Those sites offer various tools for that (I have built my own over time & you can even use tools like MS-Access for the hard part, deduplication for unique entry data via SELECT DISTINCT queries if need be, but I think the best tool offered on 1 of those sites is a PERL deduplication script (you have to have PERL installed though) as far as the tools offered by others from those sources.
Thus, You may wish to look into the FREE tools offered on those sites, if not compare them as well, & just for the purposes of import, deduplication/normalization, + more as well!
So - enjoy & continued good luck to you (as well as "salutations" for trying a custom HOSTS file & experiencing what you have, thus far)...
... apk
-
GET MORE THAN THAT FREE (Using HOSTS files)
By far, & so can anyone else in 2 ways:
1.) Blocking out adbanners (which have been known to serve up malware many times in the past 7++ yrs. or more, no less)
&
2.) Hardcoding your favorite sites into it (so you avoid DNS lookups that take longer than 30-60ms or more to send back a host-domain name resolved to IP address, & also from possibly downed, OR "dns-poisoned" misdirected DNS servers)
Nice part is, it didn't cost ME "billions of dollars" to get a HELL OF A LOT MORE SPEED BACK FOR MY MONIES I PAY OUT TO BE ONLINE (as well as a hell of a lot better "layered security" to go with it), using HOSTS files...
APK
P.S.=> And, they're FREE, & data for them is as simple as pinging your fav. sites for their IP address (so you can LOCALLY "Self-Resolve" the host-domain name to IP address equation), & blocking adbanners has data widely available for it also (in addition to blocking out KNOWN bogus sites that serve up malware) for security too, such as this list of them:
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://mirror1.malwaredomains.com/files/
http://someonewhocares.org/hosts/
http://www.malwareurl.com/
https://spyeyetracker.abuse.ch/monitor.php
https://zeustracker.abuse.ch/monitor.php?filter=online
http://winhelp2002.mvps.org/hosts.htm
http://hostsfile.org/hosts.html
http://www.safer-networking.org/en/download/
By this point in time, since 1997 with lists of my own? I have 1.6++ million bogus sites/servers/hosts-domains, adbanner servers, & far more that's "not good for your speed OR security online" blocked-out, & my DSL connection runs MORE like a GOOD CABLE CONNECTION instead for websurfing, easily!
... apk
-
I see that domain a LOT from
http://www.malwareurl.com/ (from their lists for populating HOSTS files).
* Search thru their databases & see what I mean (You can do a "trial membership" for free to do so).
Now, based on that experience here?
The MOST/MAJORITY TYPES OF TLD's I have seen populating a custom HOSTS file here (vs. adbanners, known bad sites/servers/hosts-domains, botnet C&C Servers + bogus DNS servers) are as follows:
---
.cn
.ru
.co.cc (the topic of the article no less)
.info
.uk
.net
.biz
.org
.in
.fr
.de
.tw
.jp
.eu
.ws
.it
.dk
.ch
.nl
.br
.kr
.pl
& of course, the ubiquitous
.com...
---
(Again - That's since my starting one in 1997 to present, from 17 reputable & reliable sources for HOSTS file data & DNSBL's I convert over for HOSTS using domains/subdomains, only...)
APK
P.S.=> Currently, as of right now? I am @ 1,468,636++ & growing entries in said HOSTS file...
(Forcing me to turn off the limited size local DNS client in Windows (no such thing afaik in Linux though, I'll give linux that over Windows @ least), but so what?
The local diskcache kernel mode subsystem caches it after first request, & I read it up from a TRUE SSD (non-FLASH RAM, DDR2 instead on PCI-Express x4 bus))
...apk
-
I block their C&C servers via HOSTS files
HOSTS files, combined with firewalls rules tables (for IP address based ones).
It's easy enough to do, the data's out there by the TRUCKLOAD on Conficker and many other known botnets, sites/servers/hosts-domains that serve up malware-in-general (virus/spyware etc./et al).
Here are 15 or so that I use for anyone that's interested in protecting themselves in this manner:
---
http://www.mvps.org/winhelp2002/hosts.htm
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/lists.shtml
http://hosts-file.net/?s=Download
http://www.malwaredomains.com/
http://www.safer-networking.org/en/download/index.html (Spybot Search & Destroy has an IMMUNIZE feature that works on HOSTS files here)
http://safeweb.norton.com/buzz
---
HOSTS files are the main route I took because they offer not just security benefits, but also speed benefits (very noticeable ones), & even anonymity ones to an extent (vs DNSBL)
HOSTS files, imo @ least, are even easier to deal with than a firewall (software OR router based) rules table if you ask me!
I did so again - Because of layered security they offer (combinations of Norton DNS (dnsbl filtering DNS vs. malware online threats & botnets), & firewall rules tables)) AND SPEED GAINS POSSIBLE TOO, via an easily edited route in a text file (which is all HOSTS are, a filter that works at the fastest & most efficient level there is, the IP subsystem).
I.E -> HOSTS are EASY to edit as well with any text editor also (which, face it, anyone can handle using) to add or even remove (or # symbol comment off temporarily even) data from its internal records list.
It works & on the SIMPLEST PRINCIPLE THERE IS for security: You can't get burnt if you don't go into the malware/botnet kitchen!
(I do so based on the principle of "layered security", especially vs. online threats...)
E.G.-> So, if one protective scheme fails, the others is there to kick in to protect you!
(They all work in combination w/ one another seamlessly-transparently... so, it's basically the same idea I suppose, as folks putting deadbolts, door handle knob locks, & chain locks on a door for 'triple layer security' really!)
It works & on the SIMPLEST PRINCIPLE THERE IS for extra speed, & bandwidth YOU PAY FOR OUT OF POCKET also:
See, nicest part about HOSTS files though, is that it's easy to insert other things (say for blocking adbanners) that speed you up online (via hardcoding your fav. sites into it, host-domain name to IP Address resolved, ea
-
Custom HOSTS files can achieve the same
Here's an EASIER trick, with a FREE "Tool" you already own, that's only a single text file filter for your IP stack: A custom HOSTS file, that yields the same results!
(I think it'd be interesting to see this service, COMBINED w/ what I am about to speak of in custom HOSTS files usage, and benefits to the end-user).
"According to the article, the speed boost comes from two things" - by Anonymous Coward on Wednesday June 08, @12:42AM (#36371418)
The gains HOSTS files offer in both speed, & security, are twofold:
---
FOR ADDED SPEED:
1.) Blocks out adbanners & the lag they introduce into webpage loads/downloads for consumption
2.) Hardcoding in your favorite website (to avoid DNS roundtrip lookup & result return time)
---
FOR ADDED SECURITY:
1.) Blocks out KNOWN malicious sites/servers/hosts-domain names
2.) Protection vs. DNS issues (such as the "Kaminsky flaw", or downed/compromised DNS servers that have been "redirect poisoned")
---
They work, they're free, and you can obtain one easily!
(OR, just combine ALL of the ones listed in my 'p.s.' below, & a db import of the file using a SELECT DISTINCT query can do it for example, as a way, or mvps.org offers a tool called HOSTSMAN that does it also (there are others like it as well, I designed one, & so have others)).
You already can do this yourself since any OS that uses a BSD derived IP stack already has one (even ANDROID phones), easily, & populate the custom HOSTS file yourself from the sources noted above!
(I consolidate them all into a single de-duplicated/normalized version, that which currently blocks out 1,429,303++ KNOWN bad sites/servers/hosts-domains, AND, speeds me up VERY noticeably (via blocking out adbanners, a possible threat for years now in malicious code in them & a bandwidth + speed hog OR, by 'hardcoding in' my favorite sites (to bypass DNS lookup & return roundtrip time) also))
APK
P.S.=> Here are some reputable, & reliable sources for said HOSTS file security data (as well as prebuilt HOSTS files for instant download & usage on your parts):
http://safeweb.norton.com/buzz
http://doc.emergingthreats.net/bin/view/Main/HoneywallSamples
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malwaredomains.com/
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://www.malware.com.br/lists.shtml
https://spyeyetracker.abuse.ch/monitor.php
https://zeustracker.abuse.ch/monitor.php?filter=online
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
... apk
-
Do the same w/ a custom HOSTS file
Here's an EASIER trick, with a FREE "Tool" you already own, that's only a single text file filter for your IP stack: A custom HOSTS file!
"They offer a security product for websites, and in the process of designing it so that it didn't add much latency, they inadvertently made it into a CDN that speeds things up. There. Now we all know what the trick is." - by Anubis IV (1279820) on Wednesday June 08, @12:56AM (#36371492)
The gains it offers in both speed, & security, are twofold:
---
FOR ADDED SPEED:
1.) Blocks out adbanners & the lag they introduce into webpage loads/downloads for consumption
2.) Hardcoding in your favorite website (to avoid DNS roundtrip lookup & result return time)
---
FOR ADDED SECURITY:
1.) Blocks out KNOWN malicious sites/servers/hosts-domain names
2.) Protection vs. DNS issues (such as the "Kaminsky flaw", or downed/compromised DNS servers that have been "redirect poisoned")
---
They work, they're free, and you can obtain one (or combine ALL of these, a db import of the file using a SELECT DISTINCT query can do it for example, as a way, or mvps.org offers a tool called HOSTSMAN that does it also (there are others like it as well, I designed one, & so have others)).
You already can do this yourself since any OS that uses a BSD derived IP stack already has one (even ANDROID phones), easily, & populate the custom HOSTS file yourself from the sources noted above!
(I consolidate them all into a single de-duplicated/normalized version, that which currently blocks out 1,429,303++ KNOWN bad sites/servers/hosts-domains, AND, speeds me up VERY noticeably (via blocking out adbanners, a possible threat for years now in malicious code in them & a bandwidth + speed hog OR, by 'hardcoding in' my favorite sites (to bypass DNS lookup & return roundtrip time) also))
APK
P.S.=> Here are some reputable, & reliable sources for said HOSTS file security data (as well as prebuilt HOSTS files for instant download & usage on your parts):
http://safeweb.norton.com/buzz
http://doc.emergingthreats.net/bin/view/Main/HoneywallSamples
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malwaredomains.com/
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://www.malware.com.br/lists.shtml
https://spyeyetracker.abuse.ch/monitor.php
https://zeustracker.abuse.ch/monitor.php?filter=online
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
... apk
-
My HOSTS updates "automagically" every 15 min.
Via a PyThon script, that does the following:
---
1.) Removes duplicates/normalizing the HOSTS file
2.) Alphabetizes it
3.) Changes the larger & slower 127.0.0.1 loopback adapter std. address MOST hosts files use typically, opting for the smaller & FASTER read in (and with no loopback, pure "blackholing" only) 0.0.0.0 address!
4.) It also removes any # comments that bloat hosts, along with "trailing nulls or blanks" many have that additionally bloat the HOSTS file.
---
Once she's read up into the DNS client cache (must turn this off for large ones like mine, currently @ 1,017,970++ entries strong), OR, into the local DISKCACHE (since it's just a filtering file for the IP Stack)?
She's fast as nobody's business!
APK
P.S.=> That's how I do it, & all that, & from these reputable & reliable sources for HOSTS file data vs. adbanners &/or KNOWN bad sites/servers/hosts-domain names:
http://www.malwaredomains.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked): http://www.safer-networking.org/en/download/index.html
& it works... even many slashdotters use them, by the by, & my list of 20++ points in favor of HOSTS files quotes their results as well (for some "peer evidences" from the likes of your fellow posters on this website in fact, in addition to myself).
... apk
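The four clean-up steps listed in the comment above (deduplicate, sort, rewrite 127.0.0.1 to 0.0.0.0, strip comments and padding), as an added Python example; it is not the commenter's script. The feed texts, names and addresses are constructed, and the rules that a feed may only sinkhole a name (never map it to a real address) and that conflicts with hand-pinned favorites are reported rather than applied are assumptions added here.

```python
import ipaddress
import re

SINKHOLE = "0.0.0.0"
# Addresses blocklist feeds conventionally use to mean "block this name".
BLOCK_ADDRS = {"0.0.0.0", "127.0.0.1", "0", "::", "::1"}
# Names that must keep their normal loopback meaning and are never blocked.
RESERVED = {"localhost", "localhost.localdomain", "broadcasthost", "local"}
# One DNS label: letters, digits, hyphen, underscore; no leading/trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9_-]{1,63}(?<!-)$")

# Constructed sample feeds (reserved example names, documentation IP ranges).
FEED_A = """\
# comment header
127.0.0.1   localhost
127.0.0.1   ads.example.net    # trailing comment
127.0.0.1   Tracker.Example.ORG
0.0.0.0     ads.example.net
"""
FEED_B = """\
bad.example.com
ads.example.net.
192.0.2.66  bank.example.com
0.0.0.0     news.example.org
0.0.0.0     bad_host!.example
"""


def valid_hostname(name):
    """Return True for a syntactically plausible, already lowercased hostname."""
    if not name or len(name) > 253:
        return False
    try:
        ipaddress.ip_address(name)
        return False                          # a bare IP is not a hostname
    except ValueError:
        pass
    return all(LABEL.match(label) for label in name.split("."))


def parse_feed(text):
    """Yield (address, hostname) pairs from hosts-format or bare-domain text."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not line:
            continue
        fields = line.split()
        if len(fields) == 1:                  # "justdomains" style feed
            yield SINKHOLE, fields[0].lower().rstrip(".")
            continue
        for name in fields[1:]:               # one address may carry aliases
            yield fields[0], name.lower().rstrip(".")


def build_hosts(feeds, favorites=None):
    """Merge untrusted blocklist feeds into sorted, deduplicated hosts lines.

    favorites maps hostname -> IP pinned by hand (trusted input).
    Returns (lines, rejected); rejected holds (addr, name, reason) tuples.
    """
    favorites = {h.lower(): ip for h, ip in (favorites or {}).items()}
    blocked, rejected = set(), []
    for text in feeds:
        for addr, name in parse_feed(text):
            if name in RESERVED:
                continue
            if not valid_hostname(name):
                rejected.append((addr, name, "bad hostname"))
            elif addr not in BLOCK_ADDRS:
                # A feed may only sinkhole names; never let it redirect one.
                rejected.append((addr, name, "feed maps name to a real address"))
            elif name in favorites:
                # Two entries for one name are ambiguous; report for review.
                rejected.append((addr, name, "conflicts with pinned favorite"))
            else:
                blocked.add(name)
    lines = ["127.0.0.1 localhost"]
    for name in sorted(favorites):
        ipaddress.ip_address(favorites[name])  # ValueError if malformed
        lines.append(f"{favorites[name]} {name}")
    lines.extend(f"{SINKHOLE} {name}" for name in sorted(blocked))
    return lines, rejected


if __name__ == "__main__":
    out, dropped = build_hosts([FEED_A, FEED_B],
                               {"news.example.org": "198.51.100.7"})
    print("\n".join(out))
    for entry in dropped:
        print("# rejected:", entry)
```

The rejected list is the part worth logging on every run: a feed line that maps a name to a routable address, or that targets a pinned favorite, points to a broken or tampered source.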
-
There's MANY valid sources you can use
http://www.malwaredomains.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked): http://www.safer-networking.org/en/download/index.html
---
"You ARE a spamming nutbag" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage
Oh, really? Do you have your:
---
1.) A PHD in Psychiatry to your name/credit?
2.) A license to practice it professionally??
3.) Years-to-Decades of professional experience in the field of psychiatry???
4.) A formal examination of myself in a professional environs to make your "instant snap prognosis" of my alleged mental state according to you, the "/. SiDeWaLk PsYcHo-AnALySt"????
---
No to ALL/EACH of the above????? So much for THAT "ad hominem" effete attempt on your part directed MY way then, eh??????
I.E.-> You personally just don't have the credentials to make your assessments in calling me a nutbag, period. In fact, you're libelling me in doing so... don't you KNOW that?????? There's LAWS against it you fool!
Instead - Why don't you attempt to attack the 20 points in favor of HOSTS files I put out??????
---
Oh, that's right - YOU ALSO SAID THIS:
"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage
That's right I am RIGHT... always am!
APK
P.S.=> Take your pick... I just happen to consolidate them ALL, into 1 file here (via a PyThon script engine that does so every 15 minutes, removing duplicates/normalizing it, and alphabetically sorting them also, & changing the larger + slower 127.0.0.1 loopback address (slower due to loopback ops) to the faster & smaller + most compatible 0.0.0.0 blackhole address instead)... apk
-
HOSTS files can do the same... apk
See subject-line. You already have an alternate viable working solution vs. this FireFox ONLY browser addon: It's called your HOSTS file, and it works on ALL webbrowsers (in fact, ANY webbound program, e.g.-> External to webbrowser email programs like Outlook &/or Outlook Express, among others)!
So, if you're able to edit a text file, which most folks CAN & have done before? You can work with it, easily.
APK
P.S.=> It's a matter of editing/adding to a simple text file for HOSTS files, from reputable/reliable sources, such as these:
---
http://www.safer-networking.org/en/download/index.html
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
https://spyeyetracker.abuse.ch/monitor.php
https://zeustracker.abuse.ch/monitor.php?filter=online
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
---
(The last one also has an EASY TO USE "point-N-click" GUI easy tool to help manage the HOSTS file, called HOSTSMAN, which allows for auto-update as well, very little user interaction required... & it removes duplicate entries and keeps you updated as well, "automagically"!)
Yes, a simple text file which YOU, the end user, has COMPLETE control over, which is all the HOSTS file really is, a text file based filter for the IP Stack running in Ring 0/RPL 0/kernel mode (PnP driver design in MacOS X & Windows case - not 100% sure of Linux, but probably similar & kick "on" fully, on demand by usermode code programs) for the best in speed/efficiency over this add on also, since the addon runs in Ring 3/RPL 3/usermode... apk
-
Ummmm, yes... apk
"How about if - rather than an FBI warning or whatever - the site is replaced by a clone that sniffs your info or installs trojans?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage
HOSTS can also be used to block KNOWN bad websites that serve up malware:
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
Many of those sites have "removal lists" IF a site cleans itself up, or if it just "drops out of site"!
(The latter I don't trust though, because malware makers "recycle" domainname/hostnames they own, & the RBN (russian business network) though thought 'dead'? Has had its domain/host names reused by ANOTHER botnet recently!)...
Thus, I add those sites that are known as serving up malware exploits as BLOCKED in my HOSTS file, and I can't get to them, until they're proven clean (I don't remove ones that just "drop" because they've been shown to get "recycled/reused").
APK
P.S.=>
"And when the server gets bushwhacked instead of the domain, and they move to a new host - but you're still getting the old IP from your hosts file - then what?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage
I again confronted you today on this, as to HOW you were "modded up" here -> http://slashdot.org/comments.pl?sid=1887878&cid=34387450 because I already covered the other part in my initial reply with this statement (as to sites changing IP addresses) requoted, again, below next:
"& if they change it again? Re-Ping (with a double verifying WHOIS) said site & the TLD that does NOTHING but resolve hosts/domains to their correct IP will give you a correct IP address (provided you're NOT being "man-in-the-middle" attacked) to reinsert into your hosts file to update it..." - by Anonymous Coward on Friday November 26, @12:36PM (#34351132)
As to verifying IP addresses changing on sites.
So, if a site also is proven to harbor malware exploits?? A custom HOSTS file is also used to block those out until they are proven CLEAN... get it??
I don't see HOW/WHY you were modded up, because I cover the 1st point & anyone that knows how to use a HOSTS file knows it can be used to BLOCK OUT BAD SITES/SERVERS THAT SERVE UP EXPLOITS TOO, per the above... apk
-
Agreed on DNSSEC, but until then?
I use a "hard-coded" HOSTS file entry for my "fav" websites (like this one for example) that allows me to reach what ping'd off as "legit" @ the start of the year here, and remains so today (which is how I validate it, against the TLD that does nothing but resolve IP addresses to their correct domainname/hostname).
Additionally: This allows me to also reach them faster by not making DNS requests for them, which involves turn around response times from DNS servers, which this technique avoids said "lag"...
(Especially since 200 of my favs. are done thus in my HOSTS file, and I block out KNOWN bad sites/servers in it as well to avoid "sucking in" malscripted or other types of exploits via malevolent people)
This practice also allows me to be less "trackable" (sure, I'm still trackable by ISP/BSP, but not as easily) since I am NOT showing up on DNS request logs for my favs (where I spend a GOOD 95% of my time online each day anyhow).
Lastly, this practice also allows me to reach said sites IF my DNS servers I do use "go down" or are "misdirected" via the Kaminsky 'hack' (since they're hardcoded)... I do so, because I can't do the entire net in my HOSTS file as "hard-codes"!
Now, IF a site I like & hardcode "turns up bad" or "infected"? I get notification via the sources listed below
... and it gets blocked, even if temporarily only (& if they clean themselves up, it shows in the removal lists those sources provide too, & those sources also have "validation" screens where you can check if a site is currently "a plague ship" too - can't beat that!).
As far as DNS servers though?
Well, I use either ScrubIT DNS or OpenDNS (both are good & fast + per many DNS flaws, OpenDNS is KNOWN to "patch right away" if possible + they DO pay attention to blocking out various forms of "questionable" or "threatening" material). I also "alternate them", periodically, between those 2 (for avoiding tracking a BIT better, yes, & even from they, via DNS requests logs).
APK
P.S.=> What I do know though, is that it makes me FASTER online & SAFER TOO, by far!
My friends + family & even customers, plus others in forums I have "turned on" to this very old technique (that nowadays seems forgotten) also note it!
E.G.-> My best pal says "my online speed has DOUBLED using HOSTS files" & he used to get 200++ infestations a month (no joke) & he's down to MAYBE 2 a yr. now using HOSTS alone! We even setup his system for 8++ months without a firewall, on older Windows 2000 unpatched, & no firewall... he still had a much lower infection rate!
I also block out adbanners (sorry webmasters - I pay for my online time out of my own pocket)
I want ALL the speed I pay for, & I get a "no commercials/HBO internet" this way, much faster & safer too (since adbanners have been found w/ malicious script content in them many times the past 4-5 yrs. now no less),
This also protects myself vs. the "Kaminsky security crack" in DNS, noted above!
I also protect users & myself via HOSTS files, vs. KNOWN bad sites, via these reputable sources (others too, but here are the "bulk" of them I use to populate my HOSTS file for these purposes):
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
-
I add between 50-2000 new bad sites a day... apk
To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...
Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:
Spybot Search & Destroy's "IMMUNIZE" feature
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
Today/Nowadays? It's worse than it was as far as PC's being @ risk online just on sheer numbers of bogus sites or even banner ads that are maliciously scripted in intent. Just on sheer numbers alone.
APK
P.S.=> In summation, all I can tell you, from my "POV" of making a hosts file full of known malware or maliciously scripted sites for a LONG time now is, it's gotten worse, & is happening FAR faster than it used to be (more folks understand coding now is why most likely & the tools are simpler/better too), & I've been building up a closing in on 1 million bogus sites based HOSTS file for over 14 or so years now as my basis in fact here is all...
-
Handy malware domains lists
I work in online advertising, specifically I look after a major UK publisher's adservers/ad-delivery. We use the following to keep an eye on identified malware delivering domains:
http://www.malwaredomainlist.com/mdl.php
http://www.malwaredomains.com/
http://www.malwareurl.com/
http://www.anti-malvertising.com/
-
HOSTS are better than Privoxy, AdBlock, etc.
A custom HOSTS file will do what the Privoxy, or Adblock softwares will, for less CPU usage (& very possibly RAM usage also) simply by making it impossible to go into KNOWN BAD SITES/SERVERS.
After all: You cannot get burned by what you cannot touch, essentially... & making it impossible to access known bad sites or servers is ONLY A GREAT PART of what hosts files can do (because they do even more, read on)... sound familiar to this Privoxy software? Yes, it does in that case!
However: Can Privoxy speed you up more, on top of protecting you? Yes!
HOSTS files can also not only protect you vs. known bad sites or servers, but they can also aid in speeding you up online websurfing even more by avoiding DNS lookups by using hardcodes of hostnames/domainnames to IP addresses of your favorite websites and by blocking ad banners also (which have also been shown to have malicious script in them many times over the years now no less).
You can keep a hosts file updated daily that way easily, by using the following whitehat sites for information on what are the "latest/greatest" known bad sites &/or servers found daily in fact:
http://hosts-file.net/?s=Download
http://www.mvps.org/winhelp2002/hosts.htm (great overall explanation of what HOSTS files can do for you is here and how to manage them (such as tips on turning off your local DNS Client Cache if you use a "largish" hosts file))
http://www.malware.com.br/lists.shtml
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malwareurl.com/
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
http://hostsfile.mine.nu/downloads/
http://ddanchev.blogspot.com/
http://www.safer-networking.org/en/download/index.html
Used in combination with AdBlock for instance? Great layered security, albeit redundant. Used in combination with NoScript though? An EXCELLENT defense vs. malware attacks online.
APK
P.S.=> HOSTS files do what other wares do, albeit, without eating up CPU cycles &/or RAM as Privoxy, DNS servers, or even the NEW "BLADE" software that just came out... & hosts files are not programs, they are filters - They won't have "programming bugs" in them either, because they are NOT code (just IP stack filters)! apk
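The hosts-file workflow these comments describe (favourite sites pinned to fixed addresses, known-bad names sinkholed, entries refreshed from published lists, and a pinned site blocked once it shows up on a list) as an added example, not code from any commenter. The feed lines, hostnames and addresses are constructed, the function names are hypothetical, and 0.0.0.0 as the sinkhole address is an assumption.

```python
import re
from urllib.parse import urlsplit

SINK = "0.0.0.0"                        # assumption: address blocked names point to
SINK_ADDRS = {"0.0.0.0", "127.0.0.1", "::1"}
NEVER_BLOCK = {"localhost", "localhost.localdomain", "broadcasthost"}
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def normalize(entry):
    """Return a lowercase hostname from one feed entry, or None if unusable."""
    entry = entry.split("#", 1)[0].strip()
    if not entry:
        return None
    parts = entry.split()
    # Feeds come as bare names, URLs, or hosts-format "127.0.0.1 name" lines.
    entry = parts[1] if len(parts) >= 2 and parts[0] in SINK_ADDRS else parts[0]
    if "://" in entry:
        entry = urlsplit(entry).hostname or ""
    else:
        entry = entry.split("/", 1)[0].split(":", 1)[0]
    host = entry.lower().rstrip(".")
    labels = host.split(".")
    if len(labels) < 2 or not all(LABEL.match(label) for label in labels):
        return None
    if labels[-1].isdigit():            # bare IPv4: a hosts file only maps names
        return None
    return host

def parse_hosts(text):
    """Split an existing hosts file into pinned {name: ip} and blocked names."""
    pinned, blocked = {}, set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in (n.lower() for n in fields[1:]):
            if name in NEVER_BLOCK:
                continue
            if fields[0] in SINK_ADDRS:
                blocked.add(name)
            else:
                pinned[name] = fields[0]
    return pinned, blocked

def update(hosts_text, feed_lines):
    """Merge feed entries into the hosts file; return (new_text, conflicts)."""
    pinned, blocked = parse_hosts(hosts_text)
    listed = {h for h in map(normalize, feed_lines) if h} - NEVER_BLOCK
    conflicts = sorted(listed & set(pinned))
    for name in conflicts:              # pinned favourite now listed: block wins
        del pinned[name]
    blocked |= listed
    out = ["127.0.0.1 localhost"]
    out += [f"{ip} {name}" for name, ip in sorted(pinned.items())]
    out += [f"{SINK} {name}" for name in sorted(blocked)]
    return "\n".join(out) + "\n", conflicts

# Constructed sample data (documentation-reserved names and addresses).
HOSTS = """\
127.0.0.1 localhost
192.0.2.10 forum.example.org      # pinned favourite
192.0.2.20 news.example.org       # pinned favourite
0.0.0.0 ads.example.com
"""
FEED = [
    "# constructed feed",
    "127.0.0.1  tracker.example.net",
    "http://Dropper.Example.net:8080/load.php?id=1",
    "news.example.org",
    "203.0.113.7",
    "localhost",
    "bad_host!.example",
    "ads.example.com",
]

if __name__ == "__main__":
    new_hosts, conflicts = update(HOSTS, FEED)
    print(new_hosts, end="")
    print("pinned entries now blocked:", conflicts)
```

Entries the hosts file cannot express (bare IP addresses, malformed names) are dropped instead of written, so traffic to a hard-coded IP is not covered by this file and needs a different control.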
-
HOSTS files are superior to Adblock... apk
First of all: Per subject-line above, a custom HOSTS file will do most of what this "BLADE" software will, simply by making it impossible to go into KNOWN BAD SITES/SERVERS.
(After all: You cannot get burned by what you cannot touch, essentially... & making it impossible to access known bad sites or servers is what hosts files can do... sound familiar to this "BLADE" software? Yes, it does, but blade cannot speed you up more, and HOSTS files can on top of protecting you (HOSTS files can also not only protect you, but they can also aid in speeding you up online websurfing even more by avoiding DNS lookups by using hardcodes of hostnames/domainnames to IP addresses of your favorite websites and by blocking ad banners also (which have also been shown to have malicious script in them many times over the years now no less)).
You can keep a hosts file updated daily that way easily, by using the following whitehat sites for information on what are the "latest/greatest" known bad sites &/or servers found daily in fact:
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malwareurl.com/
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
http://hostsfile.mine.nu/downloads/
http://ddanchev.blogspot.com/
http://www.mvps.org/winhelp2002/hosts.htm
http://www.safer-networking.org/en/download/index.html
HOSTS files also do all that, without eating up CPU cycles &/or RAM as DNS servers do, or this "BLADE" software... & hosts files are not programs, they are filters... they won't have "programming bugs" in them either!
APK
P.S.=> HOSTS FILES ARE ALSO SUPERIOR TO ADBLOCK ON THESE SPECIFIC GROUNDS - 10 ADVANTAGES OF HOSTS FILES OVER BROWSER ADDONS ALONE, & EVEN DNS SERVERS:
----
1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!
2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).
3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).
4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).
6.) HOSTS files are EASILY user controlled, updated and obtained (for reliable ones see mvps.org ) & edited too, via texteditors like Windows notepad.exe or Linux nano or kate (etc.)
7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too
8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.
9.) HOSTS files
-
A hosts file does most of what BLADE does anyhow
"Great idea, and I can't wait for it to surface" - by Rurik (113882) on Sunday October 10, @03:09PM (#33853662)
It's been "surfaced" for AGES online now, albeit in the form of CUSTOM HOSTS FILES!
Per subject-line above, a custom HOSTS file will do most of what this "BLADE" software will, simply by making it impossible to go into KNOWN BAD SITES/SERVERS.
(After all: You cannot get burned by what you cannot touch, essentially... & making it impossible to access known bad sites or servers is what hosts files can do... sound familiar to this "BLADE" software? Yes, it does, but blade cannot speed you up more, and HOSTS files can on top of protecting you (HOSTS files can also not only protect you, but they can also aid in speeding you up online websurfing even more by avoiding DNS lookups by using hardcodes of hostnames/domainnames to IP addresses of your favorite websites and by blocking ad banners also (which have also been shown to have malicious script in them many times over the years now no less)).
You can keep a hosts file updated daily that way easily, by using the following whitehat sites for information on what are the "latest/greatest" known bad sites &/or servers found daily in fact:
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malwareurl.com/
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
http://hostsfile.mine.nu/downloads/
http://ddanchev.blogspot.com/
http://www.mvps.org/winhelp2002/hosts.htm
http://www.safer-networking.org/en/download/index.html
APK
P.S.=> HOSTS files also do all that, without eating up CPU cycles &/or RAM as DNS servers do, or this "BLADE" software... & hosts files are not programs, they are filters... they won't have "programming bugs" in them either! apk
-
Re:in the wild
Here are some sites that I have used for malicious sites: http://www.malwaredomainlist.com/ http://www.malwareurl.com/ http://iblocklist.com/lists.php https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist http://mtc.sri.com/live_data/malware_dns/ Also if you use Snort you are able to use the rules created over at Emerging Threats as well as others: http://emergingthreats.net/rules/emerging-drop.rules
-
HOSTS files are a better OVERALL solution
"What about Ad Block Plus? That keeps me on Firefox" - by EvilBudMan (588716) on Friday April 09, @03:24PM (#31793466)
Adblocks' NOT bad (especially considering that adbanners have been shown MORE THAN JUST A FEW TIMES NOW TO HOUSE MALSCRIPTED CONTENT IN THEM, see list below (only PARTIAL too, mind you)):
HOSTS FILES ARE ADBLOCK'S SUPERIOR ON SEVERAL GROUNDS (& in combination/together? Pretty much the best "browser level" security, in "layered security fashion" you can do currently)!
----
1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!
2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).
3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).
4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).
6.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://en.wikipedia.org/wiki/Hosts_file [wikipedia.org] ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)
7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too
8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.
9.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE - Not just a single webbrowser type (e.g. FireFox/Mozilla & its addons exemplify this, such as ADBLOCK)
10.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privilege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...
Still, it's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript (especially this latter one, & in FireFox (because Opera for example, allows a site by site setting on scripting @ least, where FF natively by itself, doesn't) as NoScript covers FF in what HOSTS files can't, in javascript, which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security")
----
To keep "ontop of the latest known malicious sites" online? See these sites (1 I mentioned here already, this is the rest of the list I use, & others too):
START OF WEBSITES & SOURCES + TOOLS I USED TO POPULATE THIS LIST + MY ORIGINAL LIST OF BLOCKED ADBANNERS SERVERS
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php
-
If this is about stopping botnets, malware, etc.?
Per my subject-line above. & this quote from the article here on /.:
"The Cybersecurity Act of 2009 passed a Senate panel, giving the president unprecedented power to issue a nation-wide blackout or restriction on websites without congressional approval" - by Akido37 (1473009) on Tuesday March 30, @10:49AM (#31670706)
?
Well, then from the SOUND of it @ least, I am ALL FOR IT personally!
Why??
Well, because online attacks DO go on, & they DO exist, & they DO INTERFERE WITH PEOPLE'S LIVES IN SERIOUS WAYS IS WHY!
(AND, in many ways, because a LOT goes over "the public internet" people, a lot more than say, slashdot webpages, whether you know it or not)...
E.G.-> Such as databases' drivers & libs using ports on the net, like:
----
A.) SQLServer = default ports usually used -> 1433/1434/4022/2382/2382/443 (SSL)/135 (RPC) & on both UDP & TCP/IP
B.) Oracle = default ports usually used -> 66/1521/1525/1526/1527/1529/1571/1575/1630/1748/1754/1808/1809/1830/2481/2482/2483/2484/3872/3891/3938
C.) IBM DB/2 = default ports usually used -> 523/532/6789/50000/60000 (probably more here, this is the one I am LEAST familiar with, sorry I could not be more "complete" here)
D.) MySQL = default ports usually used -> 3306 (probably more here too, I am JUST "getting into" this one lately (hey, it's FREE man!!!)
----
(Those tools, as I am sure MOST of you know, are for businesses where YOU yourself do business, which means YOUR MONIES or other life-crucial information, for instance - which again, is a LOT more than & of most likely far greater import than merely the web's HTML data alone you use, while you browse websites, in other words...)
And, then there are things like POWER PLANTS (which, like it or not, DO conduct things over the public internet), & even life-monitoring devices + security systems.
SHOULD THE GOV'T. TAKE ACTIVE MEASURES vs. ATTACKS ON THESE THINGS NOTED ABOVE? Hey guys...?? ABSOLUTELY!
(Especially IF they're being "cyber-attacked", OR, just to prepare for such an event, JUST IN CASE!)
APK
P.S.=> See- The past 12 yrs. now or so, I've taken a more than "somewhat" active interest in things 'security-related' online... &, know what sort of "spooks me" (& yes, even shocks me, because of the cultures/nations I see it coming from mainly)?
CHINA...
Yes - It really "blows my mind" that a culture w/ more than 5,000++ yrs. of recorded history behind it is showing up, & MORE THAN ANY OTHER NATION BY FAR, in the lists I use to populate my HOSTS file here, & here are the sources (all known & reputable) I typically utilize, so you can check this yourselves (or, perhaps, even USE THEM yourselves for hosts file population to block out known bogus sites &/or servers):
-----
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://en.wikipedia.org/wiki/Hosts_file
-
Re:But when spam is illegal
What about malware? Telos AS49087 have a /24 in the Ecatel datacenter in Amsterdam and won't do anything about a bunch of domains at 91.212.127.230 serving fake online AV scans and the SecurityTool "removal tool" malware. When reported, they were more interested in discovering my identity than in investigating the report. Given the number of other addresses in the /24 with listings, they don't look like a legitimate operation to me.
-
it has been happening all weekend
It really is a good social attack, reminiscent of the days when advertisers put 'click ok to continue' buttons to trick users to a promotional web site.
In this case, it runs a mock scan, states the computer is infected, and then pretends to offer help. The exe file sometimes gets downloaded. From the way I have seen IE work lately, I would not think the file would download without user intervention, but, the page does a good job of scaring users, so I suspect some might download the files.
The malware site is protection-check07com
malwareurl.com has the owner listed as Elton John, perhaps one can think that this is a pseudonym. Kind of lends credence to rules that require valid information on domain name registrations.
In any case, this is where the address is listed. Looks residential, so maybe that is fake as well. I hope the protection-check people are not setting up some poor sod. Ha, protection check.
Of course this does bring up two issues. Everyone is afraid of viruses, so it is easy to translate that fear into irrational action. It might make us think about some activities that went on this past weekend. Second, such attacks work on mimicking the theme of certain systems, so perhaps one countermeasure is to allow users to vary the theme. This might be very good for corporate machines, as firms might like custom themes. On Macs and *nix, of course, the attack did not work because the web page did not integrate into the background, an elephant is going to look quite conspicuous in a field of leopards.