Slashdot Mirror

Looks like londonstockexchange.com uses 8 Linux servers tomhudson:

http://uptime.netcraft.com/up/graph?site=LondonStockExchange.Com

And BTW, the stories about linux serving up malware from the London Stock Exchange were put out by Microsoft shills...The compromised machines were running Windows. by tomhudson (43916) on Saturday April 16, @06:08PM (#35843362) Homepage

Do you have proof of that statement, tomhudson? If so, I would like to see it.

What I do see, is this: See above tomhudson.

Looks like Linux boxes over there and this quote from netcraft's page says the affected "website for the London Stock Exchange" per this article http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware , londonstockexchange.com is running Linux, not windows for that job tom: Serving up malware.

http : // london stock exchange . com was running unknown on Linux by http://uptime.netcraft.com/up/graph?site=LondonStockExchange.Com

Right on the netcraft uptime report tom. I'll take a concrete netcraft report over your mere anecdotes (you never seem to produce documentation or proof when asked).

Looks like londonstockexchange.com uses 8 Linux servers tomhudson:

http://uptime.netcraft.com/up/graph?site=LondonStockExchange.Com

And BTW, the stories about linux serving up malware from the London Stock Exchange were put out by Microsoft shills...The compromised machines were running Windows. by tomhudson (43916) on Saturday April 16, @06:08PM (#35843362) Homepage

Do you have proof of that statement, tomhudson? If so, I would like to see it.

What I do see, is this: See above tomhudson.

Looks like Linux boxes over there and this quote from netcraft's page says the affected "website for the London Stock Exchange" per this article http://slashdot.org/submission/1484548/London-Stock-Exchange-Web-Site-Serving-Malware , londonstockexchange.com is running Linux, not windows for that job tom: Serving up malware.

http : // london stock exchange . com was running unknown on Linux by http://uptime.netcraft.com/up/graph?site=LondonStockExchange.Com

Right on the netcraft uptime report tom. I'll take a concrete netcraft report over your mere anecdotes (you never seem to produce documentation or proof when asked).

Microsoft is fairly big even in webservers. IIS serves 20% of the web which, while a minority, is still a significant marketshare.

http://uptime.netcraft.com/up/graph?site=www.nasa.gov

(There's your website 'subdomain' scan first)

http://uptime.netcraft.com/up/graph?site=nasa.gov

(There's your MAIN domain scan)

"Read 'em & WEEP", /. *NIX Trolls!

---

Oh - Yes, yes - the "supreme security of Linux", lol (not)!

Funniest part of all, since your post was modded "+5 FUNNY" is this quote from the article summary today:

---

"The computer network NASA relies upon to carry out its billion dollar missions is just like your Mac or PC at home; vulnerable to cyber attacks"

(Hahaha, except this time, as we can ALL see above? NASA uses Linux & a LAMP stack setup... (@ least the "LA" part, for sure) funny they OMIT noting that in that source article used here!)

---

Yea, lol, FUNNY alright & I agree...

Except I don't think the "Pro-*NIX Trolls" around here will! Why?

WELL, because it's SURE NOT SEEMING "so secure" per this article (at least, not like "Pro-*NIX trolls" around here have been snowing folks about for years here now, in their "fantasyland" of 1/2 truth "straight-outta-pravda" tactics the use here daily & FOR YEARS now, & "lord knows" they don't like it when actual FACTS are brought into the picture exposing the FRAUD of "Linux is secure", lol!)

Hell, & each week almost this year? ANDROID (yes, a Linux too) does the rest, showing security issues week in & week out!

(LMAO! Next, in fact? I predict that my usage of facts here anyone can test themselves above in this reply will be met by "The DOWNMOD SQUAD" of wannabe "Adjustment Bureau" Trolls & *NIX 'fanbois'!!!)

APK

P.S.=> Fact is that here today, I showed that Linux has MORE unpatched security vulnerabilities in its KERNEL ALONE (and a Linux distro is a LOT more than just THAT), by 3x in fact, than does Windows 7 alone (in its entirety/more than just kernel), as well as the ENTIRE MS "Stack" for doing business only having 7 total errors in unpatched vulnerabilities, vs. 19 on Linux latest/greatest!

Again - Kernel ONLY though... it's not showing all the ones the GUI shells, Window managers, Browsers etc. that a FULL Linux distro has that COMPOUNDS THAT FURTHER!

http://it.slashdot.org/comments.pl?sid=2059420&cid=35656126

(Now, THAT? That's funny... and, since they used NMap to determine what systems are "internet facing"? You can pretty much bank on it that NASA.GOV is one of them, & it's vulnerable...) apk

http://uptime.netcraft.com/up/graph?site=www.nasa.gov

(There's your website 'subdomain' scan first)

http://uptime.netcraft.com/up/graph?site=nasa.gov

(There's your MAIN domain scan)

"Read 'em & WEEP", /. *NIX Trolls!

---

Oh - Yes, yes - the "supreme security of Linux", lol (not)!

Funniest part of all, since your post was modded "+5 FUNNY" is this quote from the article summary today:

---

"The computer network NASA relies upon to carry out its billion dollar missions is just like your Mac or PC at home; vulnerable to cyber attacks"

(Hahaha, except this time, as we can ALL see above? NASA uses Linux & a LAMP stack setup... (@ least the "LA" part, for sure) funny they OMIT noting that in that source article used here!)

---

Yea, lol, FUNNY alright & I agree...

Except I don't think the "Pro-*NIX Trolls" around here will! Why?

WELL, because it's SURE NOT SEEMING "so secure" per this article (at least, not like "Pro-*NIX trolls" around here have been snowing folks about for years here now, in their "fantasyland" of 1/2 truth "straight-outta-pravda" tactics the use here daily & FOR YEARS now, & "lord knows" they don't like it when actual FACTS are brought into the picture exposing the FRAUD of "Linux is secure", lol!)

Hell, & each week almost this year? ANDROID (yes, a Linux too) does the rest, showing security issues week in & week out!

(LMAO! Next, in fact? I predict that my usage of facts here anyone can test themselves above in this reply will be met by "The DOWNMOD SQUAD" of wannabe "Adjustment Bureau" Trolls & *NIX 'fanbois'!!!)

APK

P.S.=> Fact is that here today, I showed that Linux has MORE unpatched security vulnerabilities in its KERNEL ALONE (and a Linux distro is a LOT more than just THAT), by 3x in fact, than does Windows 7 alone (in its entirety/more than just kernel), as well as the ENTIRE MS "Stack" for doing business only having 7 total errors in unpatched vulnerabilities, vs. 19 on Linux latest/greatest!

Again - Kernel ONLY though... it's not showing all the ones the GUI shells, Window managers, Browsers etc. that a FULL Linux distro has that COMPOUNDS THAT FURTHER!

http://it.slashdot.org/comments.pl?sid=2059420&cid=35656126

(Now, THAT? That's funny... and, since they used NMap to determine what systems are "internet facing"? You can pretty much bank on it that NASA.GOV is one of them, & it's vulnerable...) apk

Slashdot is pretty much dying. Nobody really cares anymore :(

In this story from 2005, Netcraft confirms slashdot is in fact, dead!

I was referring to the Feb 2011 netcraft survey, and added up Apache, nginx and Google. I have no doubt that there are more Windows "servers" out there, simply because Microsoft sells the shit out of them, to ignorant Windows sysadmins. Whereas a good Unix admin knows how to maximize resources, buy fewer servers. Apple is now selling Unix to ignorant designers and stuff so I'm sure they are growing faster also. Happy to see Unix growing though, even if it all has to run on Apple's obviously and hideously overpriced hardware. But it looks good, and that's all that matters, until the bubble bursts ;) Anyway, obviously the largest sites in the world run apache on linux because it's the best. Although you personally lack the skils to run one of those sites, if you did practice and study for long enough to get those skills, you too would also run your large website on Linux. It's a no brainer. Obviously, the topic is linux desktop, and more distinctly Ubuntu. Why kick the one child that seems to be making progress finally with the Linux desktop!? Because, they are cheating. So, maybe it's not possible to have a mainstream desktop in the conventional Apple and Windows sense that runs linux and still follow the rules of the road? Maybe that's the problem. But they sure are selling a lot of phones with a PDA interface on top (and linux underneath). And routers with a web interface on top. And desk phones. And Tivos. And everything else reliable and good and a sort of computer type thing. Not to mention rip offs. iTunes App Store. Uh, that sounds like a RPM repository to me. The only innovation there is that they somehow got your credit card in there and 30% of whatever you buy. Wow, that's amazing Apple!

You can slob on Apple's knob all you want but they're riding you to the bank, they don't care about you. They aren't planning on giving you more for less any time soon. Or sharing what they learned to others to allow them to benefit and build on it. If you value shiny stuff that much and are that lazy, then by all means, trade your money for lack of input. Linux doesn't want or need you.

It's also an article that fails to call out Windows. Directors Desk is run on Windows, so the violation is not so much a case of NASDAQ not being able to "secure their network" as it is a case of no one being able to secure Windows. Most people know by now that sane stock exchanges use GNU/Linux, so they might think this was a GNU/Linux problem. NASDAQ, being very Microsoft/Madoff/crook friendly, did not mention the OS of the failed application either. Perhaps they were belatedly ashamed of being dumb enough to use IIS.

I thought they ran Linux. Oh, wait, it is bing that runs it.

Maybe their admin password was 'password'

It was worse than that.... it looks like up until very recently they could well have had their site on a Windows 2000 machine. 2000 was the best version of Windows that MS ever made, but it still had some chronic shortcomings that make it totally unsuitable for most internet-facing tasks.

http://toolbar.netcraft.com/site_report?url=http://www.lush.co.uk

Of course it is all too easy to just flame Windows, but even (especially) the MS fans will agree that using IIS5 in at least 2007 is not a clever thing to have been doing.

But lets be honest, the way that site is slinging about the word "hacker" it is clear they do not have any kind of top-notch IT... or even any clue about computers - they probably accepted what the industry told them as 100% truths, and then think that somehow some person is doing fucking magic or something to get into their server. Considering how keen they seem to be to shirk responsibility for the break ins (their list of suspect beliefs, for example), they truly do not recognise their own ignorance. The BBC miss the point too, and just go along with the hacker rhetoric as well.

Wrong, if you check their 'what's that site running' history you'll see that they only switched to Apache yesterday. Before that, they were on IIS 5 on, FFS, Windows 2000, which is a sign that they were probably running on outdated poorly managed systems. The fact that the attack attempts "continue" is probably meaningless as whatever they were, they are almost certainly failing now, but the attempts will still show up in the logs which will make any naive IT administrator nervous.

Actually it's more like 60% according to netcraft.

This one's JUST FOR YOU, clone (disprove every single one of its points, as ,b>you failed badly here before on this very same note -> http://slashdot.org/comments.pl?sid=1755714&cid=33353946 AND, for your trolling me as AC here today http://slashdot.org/comments.pl?sid=1922942&cid=34687498 , and YOU FAILED LARGE on your end clone, with a bogus script that didn't work and I had to correct it for you here today after you worked DAYS on it no less, & I had to tell you how/where/when/why it failed, which you corrected for, lol, per MY suggestions no less), so here we go:

---

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/

And anyway, IPv6 addresses are ugg-ly.

Learn DNS. You should only be looking at a IPv6 address if you are a network engineer.

Saying "only," you and many others sound pretty sure that real users NEVER see ip address in the clear, though Vista and Ubuntu show you both v4 and v6 on wireless connection status and ifconfig lines --forum users asked to post theirs for troubleshooting are not all network engineers, either. Was DNS was created not for IPv4's sake, but for some not-yet-foreseen future IPv6 tech? DNS is perfect for the disaster that is writing out an IPv6 location... It isn't as dependable as some think even in our mature, saturated, well understood IPv4 world, and thus your argument falls apart. Look closer:

Remember that less than a 10 months ago in our supposedly mature year 2010 in IPv4, we all still saw IP addresses in the browser address bar for google cache pages. Of all organizations, geeks have the most respect for them, but if Google were fueled by cash from geeks alone, it would not be #2 in Netcraft's survey of most visited sites*

That alone means that a lot of people have been seeing naked IP's in their web searches. From hundreds of millions of yearly searches, even a tiny made up number like 1% is millions of individuals using a cache and finding this weird thing in their location bar called a naked IP address. In 2010. Oh, sorry, that must mean they are all certified network engineers, no? The dns domain they are using is only 2 years old, yet google caches with this "network-engineer" IP glitch in our address-bars is probably as old as google, a domain registered 12 years ago.

Now your focus will shift to "ooh, an honest 12 year mistake", or "only network engineers ever bookmark/e-mail/tweet/link address bar links with google's highlighted search keyworks," but a nobody and a never proven wrong once show dubiousness to the reliability of your thinking. Right, you said IPv6. I'm not a network engineer, but like thousands of sixx.net's tunnel users, I need to enter long, annoying sequences of IPv4 and IPv6 naked gateway and DNS server addresses into my router or tunnel. Without being an engineer, there are websites built for me and others to enter that world with sites on "free IPv6 only pr0n." Oh, so they must have meant this pr0n to network admins only... : )

Anyway, if IPv4 blunders can last for 12 years, rest assured that our fear is that IPv6 and bad *real* network admins will be lazy, like Google's were --or much, MUCH worse because IPv6 is annoying to deal with and retraining courses are few and far between. The problem will be a pest for the next decade or more. The naked IP problems of today worseing for tomorrow will bring you lots of IPv6 links when sc/pammers start targetting the IPv6-only users thanks to the relative inconvenience of hiding somewhere in IPv6 space. Proof of concept later later becomes a reality exploited by few, then more, and then all.

* Bested only by facebook, with 500 million active users.

Never heard of a Texas datacenter? You've probably been to a site hosted in one.

http://news.netcraft.com/hosting-analysis/

The Planet (recently bought by Softlayer) is the 5th largest web hoster in the world. Their datacenters are in Houston and Dallas. Also, there's this tiny little company called Rackspace based in San Antonio. Maybe you've heard of them.

So yes, Virginia, there are datacenters in Texas. Big ones, because everything is bigger in Texas. (Yes, egos are bigger, too.)

""IP Reputation" systems are basically a step beyond DNSBLs (which only consider things as white vs black). There is a decent explanation in Wikipedia's Sender's IP verification section of their E-mail authentication article" - by Khopesh (112447) on Saturday December 18, @01:54PM (#34601326) Homepage

Thanks - that's to BOTH yourself, and SuricouRavenn, who also replied here in regards to "IP Reputation" & what it is (I have a message for SuricouRavenn here also -> http://yro.slashdot.org/comments.pl?sid=1903798&cid=34559886 regarding Windows Defender/Microsoft Security Essentials) - thank you!

I do MUCH THE SAME as a DNSBL, albeit locally... via custom HOSTS files - here is why (long read, but detailed & I think you MAY find it, informative, possibly):

---

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/

"1) Russian criminals have control over the wikileaks.org and wikileaks.info domains and are distributing malware. The current real wikileaks website is wikileaks.ch." - by Anthony Mouse (1927662) on Saturday December 18, @08:04PM (#34603730)

ping wikileaks.ch IS YOUR FRIEND!

Enter the result of that into your custom HOSTS file (Windows: %WinDir%\system32\drivers\etc OR on LINUX: root/etc OR ON ANDROID PHONES: by mounting the system mountpoint first, w/ read + WRITE ability, & then using the SDK tool ADB to PUSH the new HOSTS file into the etc folder there, overwriting the stock-oem model)

E.G.-> (from MY "ping" result, that would go into a HOSTS file for this):

178.21.20.9 wikileaks.ch

PUT THAT INTO YOUR CUSTOM HOSTS FILE (after pinging wikileaks.ch, because the IP address you come up with MAY be different than that which I come up with here).

That's doing a "whitelisting" in your HOSTS file, w/ the proper IPAddress - to - HOST/DOMAINName resolution, so you reach that site (and, you avoid DNS request log tracking in doing so also, bonus, because you NEVER USE THE ISP/BSP (or other) DNS server, period).

---

"2) Spamhaus has been telling people about (1). 3) The Russian criminals are now retaliating by using their botnets to DDoS Spamhaus under the flag of AnonOps." - by Anthony Mouse (1927662) on Saturday December 18, @08:04PM (#34603730)

Hey - They're easy to beat too (Russian criminals), & also by using a HOSTS file...

Albeit, this time, NOT FOR WHITELISTING A SITE, but, rather for "blacklisting" the sites/servers they use or redirect you to, for loading malware onto your systems!

(Between that, & using NoScript or turning off javascript period, you ARE PROTECTED (you really only need it for database accesses when you come down to it, to do "real things" (not playtime stuff, or eyecandy) usually, after all)).

APK

P.S.=> Reputable, reliable, & regularly updated sources for blacklisting data for a HOSTS file are as follows:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398

20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398

"Reading the report, it sounds like they were just testing the browsers' databases of known malware/phishing sites" - by gman003 (1693318) on Wednesday December 15, @03:51PM (#34565790)

Per my subject-line above? With a GOOD UP-TO-DATE HOSTS FILE?? You don't even NEED to do that!

I update mine daily, from these reliable & reputable sources (for blocking out KNOWN bad sites/servers/host-domain names etc.):

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

And yes: Even SLASHDOT &/or The Register help!

(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhacker others online that is... not ALL do!)).

2 examples thereof in the past I have used, & noted it there, are/were:

http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500

---

So, IF/WHEN you have a HOSTS file that has up to date blocking data in it? There's really no real need to do "browser based checks" of URL's, other than for "layered-security" purposes (which isn't a BAD THING TO DO, & it's the "current trend" for better security online).

Besides: IE, FireFox, and Opera ALL have methods for blocking out known bad sites already:

---

Opera has URLFILTER.INI (Spybot S&D populates this, alongside the Opera community doing updates to it too)

FireFox has an analog to Opera's filter file (which is what SpyBot S&D populates alongside a HOSTS file too vs. known bad sites)

IE has "restricted zones"

---

Still - the folks @ MS doing this in IE9 (which I use here)? Not a bad thing at all, for "layered-security"...

APK

P.S.=> Even the folks @ WIKIPEDIA aren't against blacklists like HOSTS:

---

PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ )

"we are in favour of 'Blacklists', be it for mail servers or websites

---

Why? Well, because they work... especially for layered security online... apk

Why attack twitter?

Are they attacking Twitter?

Twitter isn't on the list of targets on the instructions image another poster linked to earlier in this discussion.

- RG>

According to the instruction image, they're using an online faxing service behind a proxy.

Seems unlikely anyone will go after dozens of kids behind international proxies.

From the source article, I obtained their server's domain/hostnames and nameservers, which I now have added to my custom HOSTS file... & blocked out, thus:

0.0.0.0 greatfull-toolss.ru
0.0.0.0 ns1.reg.ru
0.0.0.0 ns2.reg.ru
0.0.0.0 greatfull.ru
0.0.0.0 ns1.arbusi-host.net
0.0.0.0 ns2.arbusi-host.net
0.0.0.0 hellcomeback.ru

They're not going to get to ME, because I cannot get to they now... & what I can't touch, I cannot be "burned" by, simple!

HOSTS as blacklists, work! Some evidences & cases why you may be interested in implementing such protective (and speed gaining features too) measures:

---

15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download

"Kid, you have no idea what you're talking about... You are strongly misinformed on several points. I can't be bothered to respond to you, (i.e. feed the troll) because I don't think it would be worth my time. You're obsessed, and not interested in rational discussion - by metrix007 (200091) on Monday December 06, @07:03AM (#34458496)

Ok, you FINALLY came back in, & NO: I am TRULY interested in "rational discussion", not avoiding it (as you obviously are with your 2 trollish replies here in this thread), so with that said? Disprove each of these 15 points on HOSTS files then:

15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.ab

Thanks for supplying the bogus domains information. I checked on yourisp.ru, and sure enough - a known bogus malware domain/host name. It's blocked out here now, alongside payment8ltd.net, & how? Here is HOW & WHY:

15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

8.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

9.) AdBlock & DNS servers are program

What blocks off known bogus sites/servers or entire hostnames/domains better than anything (because it's not a program, and because it's just a filter that operates @ the IP Stack level, and covers ALL your webbound programs, plus mine at least gets updated from reputable & reliable sources, daily): a custom HOSTS file.

You've also already got one, whether you all know it or not, & it's just a matter of either downloading a prebuilt on (sources are below), or filling one in yourself, and yes, they work even vs. spam mail (& better than adblock does, because that only covers browsers it's designed for (maybe 1-3 of them), but not external HTML + script based external email programs, like Outlook Express/FULL Outlook)).

15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spyb

15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

8.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

10.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs.

11.) HOSTS files are E

Netcraft has been tracking the shifts in Wikileaks' infrastructure, and notes today that one of its post-Amazon hosts is Swedish ISP Bahnhof Internet, which operates the "James Bond Villain" data center housed in a nuke-proof bunker 100 feet beneath Stockholm.

"Or better yet, WTF are host files? Non-techs can sort of understand ABP, as it is an add-on that stops bad or all ads. Host files, no way an average computer user would understand them or utilize them." - by stonewallred (1465497) on Wednesday December 01, @10:40AM (#34404550)

Take a GOOD solid read (and if still in doubt? Refer to this mvps.org link -> http://www.mvps.org/winhelp2002/hosts.htm (it has a great writeup that's EASILY UNDERSTOOD & very detailed, on HOSTS)) - this will show you how/why HOSTS files are superior to AdBlock or even DNS servers on MANY accounts (and why you ought to use them in combination for the "best in 'layered security'" practices online!

14 ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.stopbadware.org/home

REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):

http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.

10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.

13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF

1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).

2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

3.) Adblock doesn't protect email programs external to FF, Hosts files do.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).

4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw for years now - hosts protect against that via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).

5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders

6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.

9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.

10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)

11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).

12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.

13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name

"How about if - rather than an FBI warning or whatever - the site is replaced by a clone that sniffs your info or installs trojans?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage

HOSTS can also be used to block KNOWN bad websites that serve up malware:

http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online

Many of those sites have "removal lists" IF a site cleans itself up, or if it just "drops out of site"!

(The latter I don't trust though, because malware makers "recycle" domainname/hostnames they own, & the RBN (russian business network) though thought 'dead'? Has had it's domain/host names reused by ANOTHER botnet recently!)...

Thus, I add those sites that are known as serving up malware exploits as BLOCKED in my HOSTS file, and I can't get to them, until they're proven clean (I don't remove ones that just "drop" because they've been shown to get "recycled/reused").

APK

P.S.=>

"And when the server gets bushwhacked instead of the domain, and they move to a new host - but you're still getting the old IP from your hosts file - then what?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage

I again confronted you today on this, as to HOW you were "modded up" here -> http://slashdot.org/comments.pl?sid=1887878&cid=34387450 because I already covered the other part in my initial reply with this statement (as to sites changing IP addresses) requoted, again, below next:

"& if they change it again? Re-Ping (with a double verifying WHOIS) said site & the TLD that does NOTHING but resolve hosts/domains to their correct IP will give you a correct IP address (provided you're NOT being "man-in-the-middle" attacked) to reinsert into your hosts file to update it..." - by Anonymous Coward on Friday November 26, @12:36PM (#34351132)

As to verifying IP addresses changing on sites.

So, if a site also is proven to harbor malware exploits?? A custom HOSTS file is also used to block those out until they are proven CLEAN... get it??

I don't see HOW/WHY you were modded up, because I cover the 1st point & anyone that knows how to use a HOSTS file knows it can be used to BLOCK OUT BAD SITES/SERVERS THAT SERVE UP EXPLOITS TOO, per the above... apk

ImmixGroup seems to have "been awarded a contract with the U.S. Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) Cyber Crimes Center (C3)" http://www.immixgroup.com/news/pr_display.cfm?ID=117 . That would make a hoax unlikely.

Only problem is that ImmixGroup is not the owner of the domain, "seizedservers.com". The registration just says that. Resolve that to an IP, it's 74.81.170.110 which is the same as all the rest of the seized domains. Look at the name servers listed in the registrar for "seizedservers.com", they also belong to CaroNet (CaroNet Managed Hosting, Inc.)
NS1.SEIZEDSERVERS.COM 74.81.170.109
NS2.SEIZEDSERVERS.COM 74.81.170.108

http://toolbar.netcraft.com/site_report?url=http://seizedservers.com
http://whois.arin.net/rest/net/NET-74-81-170-0-1

These are all of theirs http://whois.arin.net/rest/org/CIL-56/nets

(2) The name servers ns1.torrent-finder.com and ns2.torrent-finder.com, as well as the torrent-finder.com ALL redirect to addresses in a private hosting company (74.81.170.108, .109 and .110 respectively), physically in Charlotte, NC. The picture you're greeted with is served from one of the hosting company's addresses."

->>ALL the seized hosts are coming from using 74.81.170.108, 74.81.170.109 as their dns; and they ALL point to the same IP 74.81.170.110

(3) Whois reports the registrar to be Go Daddy, but the name servers ns1 and ns2.seizedservers.com whose IP addresses aremanaged by a private company called "wild west domains".

(4) The "seizedservers.com" domain is controlled by a company called "immixGroup IT solutions". The registrar is network solutions and the registrant is using network solution's privacy service to block his contact identity.

->>"seizedservers.com" also belongs to CaroNet Managed Hosting, and not "immixGroup IT solutions".

The whois just claims it's immxgroup, but the actual domain seizedservers.com belongs to and resolves to that same IP (74.81.170.110) they are all using at CaroNet.
http://toolbar.netcraft.com/site_report?url=http://seizedservers.com

Registrant:
immixGroup IT Solutions
ATTN SEIZEDSERVERS.COM
care of Network Solutions
PO Box 459
Drums, PA. US 18222

Domain Name: SEIZEDSERVERS.COM

Administrative Contact, Technical Contact:
immixGroup IT Solutions

ATTN SEIZEDSERVERS.COM
care of Network Solutions
PO Box 459
Drums, PA 18222
US
570-708-8780

Record expires on 24-Nov-2011.
Record created on 24-Nov-2010.

Domain servers in listed order:

NS1.SEIZEDSERVERS.COM 74.81.170.109 --- CaroNet DNS IPS
NS2.SEIZEDSERVERS.COM 74.81.170.108 --- CaroNet DNS IPS

ALL the same, See:

http://network-tools.com/default.asp?prog=dnsrec&host=seizedservers.com
http://network-tools.com/default.asp?prog=dnsrec&host=torrent-finder.com
http://network-tools.com/default.asp?prog=dnsrec&host=2009jerseys.com
http://network-tools.com/default.asp?prog=dnsrec&host=51607.com

To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...

Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:

Spybot Search & Destroy's "IMMUNIZE" feature
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online

Today/Nowadays? It's worse than it was as far as PC's being @ risk online just on sheer numbers of bogus sites or even banner ads that are maliciously scripted in intent. Just on sheer numbers alone.

APK

P.S.=> In summation, all I can tell you, from my "POV" of making a hosts file full of known malware or maliciously scripted sites for a LONG time now is, it's gotten worse, & is happening FAR faster than it used to be (more folks understand coding now is why most likely & the tools are simpler/better too), & I've been building up a closing in on 1 million bogus sites based HOSTS file for over 14 or so years now as my basis in fact here is all...

I'm not dreaming of a bare hands movement taking over the world

Well, you don't need to dream, it has already happened.

Ever heard of this "internet" thingie? A "bare hands movement" is what keeps it moving

Wow. The most profitable I.T. company, the I.T. company that suppose to be the number one software company in the world, which have monopoly on operation systems and in the office market, officially admitting that their IIS, MSSQL, .NET and ASP.NET crap can't compete with Wordpress, an Open Source CMS system, running on plain old PHP and a MySQL database.

Mustn't that be a blow to all the Microsoft's chills and so called I.T. consultants that are trying in masses to convince small business and enterprise users to buy in to the ASP.NET stuff, that is suppose to be so enterprise ready and suppose to scale so well on the Microsoft IIS server? How are they going to convince anyone if Microsoft itself says "... it can’t compete with the established blogging platforms ..." with their ASP.NET and IIS Server 7.0 (which on live.com is running)?

See subject, and it's not looking good for Linux + Apache folks (LAMP): I mean, hey - Facebook's 2nd outage in 24 hours? Come on!

Hey - the way you "penguinista" around here talk, well, I thought Linux and Apache 'never crashed' or had downtime, penguins!

I mean, You're always ribbing on Windows here saying it's unstable, and yet what's this over at facebook the past 2 days now, hmmm?

When the chips are on the table?? Linux + Apache went DOWN boys!

Now, on the other hand/by way of comparison??

Well - I don't see NASDAQ for example crashing using Windows Server 2003 clusters:

http://www.nasdaqtrader.com/Trader.aspx?id=MarketShare

"NASDAQ is renowned for its high performance technology and has proven reliability with 99.999+% uptime. Whats more, firms count on NASDAQ for unsurpassed speed and tested capacity to execute trades quickly and efficiently."

That's what NASDAQ uses as the official "trade data dissemination system" to users there, as well as other systems (bigger iron stuff), and all their systems maintain that kind of uptime under tremendously heavy user & work loads, 24x7!

(Additionally/again, using Windows Server 2003 clusters no less (which being an NT based OS, is like its ancestor before it in VMS, & has clustering, & stable as iron when run this way))

(Just in case anyone doesn't believe that Facebook uses a "LAMP stack", and I am sure this is going to get me "flamed" here or downrated as per usual whenever someone shows that Linux is NOT "impervious" to downtime or crashing??? Take a peek here boys:

http://uptime.netcraft.com/up/graph?site=facebook.com

That'll show you Linux and Apache... and yes, F5's "BIG IP" is just an internet appliance that runs on Linux! See here for that much as well:

http://en.wikipedia.org/wiki/F5_Networks

"F5's BIG-IP product is based on a network appliance (either virtual or physical), which runs F5's Traffic Management Operating System (TMOS), which runs on top of Linux" )

See subject, and it's not looking good for Linux + Apache folks (LAMP): I mean, hey - Facebook's 2nd outage in 24 hours? Come on! I thought Linux and Apache 'never crashed' or had downtime, penguins! You're always ribbing on Windows here saying it's unstable, and yet what's this over at facebook the past 2 days now, hmmm?

When the chips are on the table?? Linux + Apache went DOWN boys!

Now, on the other hand/by way of comparison??

Well - I don't see NASDAQ for example crashing using Windows Server 2003 clusters:

http://www.nasdaqtrader.com/Trader.aspx?id=MarketShare

"NASDAQ is renowned for its high performance technology and has proven reliability with 99.999+% uptime. Whats more, firms count on NASDAQ for unsurpassed speed and tested capacity to execute trades quickly and efficiently."

That's what NASDAQ uses as the official "trade data dissemination system" to users there, and it has maintained that kind of uptime, using Windows Server 2003 clusters no less (which being an NT based OS, is like its ancestor before it in VMS, & has clustering, & stable as iron when run this way)

(Just in case anyone doesn't believe that Facebook uses a "LAMP stack", and I am sure this is going to get me "flamed" here or downrated as per usual whenever someone shows that Linux is NOT "impervious" to downtime or crashing??? Take a peek here boys:

http://uptime.netcraft.com/up/graph?site=facebook.com

That'll show you Linux and Apache... and yes, F5's "BIG IP" is just an internet appliance that runs on Linux! See here for that much as well:

http://en.wikipedia.org/wiki/F5_Networks

"F5's BIG-IP product is based on a network appliance (either virtual or physical), which runs F5's Traffic Management Operating System (TMOS), which runs on top of Linux" )

bullshit, it has to be true that he discovered the exploit, netcraft confirms it:
http://news.netcraft.com/archives/2010/09/21/twitter-users-fall-victim-to-new-xss-worm.html

There's more info on the spread of this exploit from Paul Mutton at Netcraft

Well, then it must be true if Netcraft confirms it.

There's more info on the spread of this exploit from Paul Mutton at Netcraft and Graham Cluely at Sophos.

"Web anti malware firm Dasient has published data claiming that more than 1 million Web sites were compromised in the second quarter, 2010 - a sharp increase. *In Sean Connery's James Bond voice* Of course they have." - by AnonymousClown (1788472) on Thursday September 16, @12:25PM (#33600940)

I don't know about THAT, however? Well - I DO know that my personal custom HOSTS file is nearly @ 1 million absolutely unique entries of known bad sites/servers, and it took me nearly 10++ yrs. now to get it to that # no less!

I populate it from very reputable & reliable sources listed below:

----

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://en.wikipedia.org/wiki/Hosts_file
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home

+ Spybot "Search & Destroy" IMMUNIZE feature add ons also...

----

In fact, as far as growth this summer alone? It's been more than usual, and last summer last year was the same it seems/iirc too...

However: Ahem - 1 million++ new known bad sites &/or servers, & in just 1 quarter?

(Hey, anything's possible, but that's a bit "excessive/steep" imo @ least... still, one never knows! Still, I somehow DOUBT it's that bad out there. Yes, it's bad, but not THAT bad... I don't think so @ least, and I tend to keep pretty steady-eddy tracking of this up (for over 10++ yrs. now @ sites & sources such as those listed above via populating my custom HOSTS file for both added security AND added speed))

I.E./E.G.-> The # of entries of known bad sites &/or servers in my HOSTS file, which a great deal of came from my sources listed above no less, had grown this year from July 15th 2010 to Sept. 15th 2010 by almost 18,000 entries alone at the tail-end of this summer alone (up to 881, 543++ total entries, & gaining typically between 50-250 more each day).

It's crazy out there now, but it doesn't affect "me or mine", because I cannot be hurt by that which I cannot enter to get hurt by it, such as a bad website that's malscripted or bears a malware, because that's what HOSTS files do, at least part in the way of security (and more for speed such as adbanner blocking (which also helps security too, because many a banner ad has been found with malicious code in it too the past few years now as well), and site IP-to-URL hardcoding): HOSTS files, if done right, can keep you from getting burned in a bogus kitchen, so-to-speak!

Still - 1 million++ new known bad sites in just 1 quarter this year 2010? I have trouble with that estimation, in believing it to be blunt about it, & yes, I have been looking at this type of data for quite a long time now (over 10++ yrs. in fact, in making a custom HOSTS file to protect vs. this type of lunacy).

APK

P.S.=> Since I

Why the government always needs a site to be build from scratch? There are 100 open source CMS systems out there, where you have a) localization, b) forum, c) uploads, d) content management, etc, etc, all already developed. Just spend £1000 on a nice theme and another £3000 on customizing it. I don't think the side will have 10,000,000 visitors per day where you need an Oracle HTTP server with an Oracle DB and a highly specialized website.

And yet ond BSD disto, FreeBSD, has 5 of the top 10 places on Netcraft including the Top 4.

The 4 linux distros in the top 10 are much more fragmented. CentOS, Fedora, a couple that aren't so easily identified ...

When I think BSD, I think of only 3 - FreeBSD, OpenBSD, and NetBSD. When I think linux, on the other hand ...

It was a modified version of Tamper Data that the author alleged "many problems have been solved in this version".

In addition to modifying several existing files, the author added a file called tamperPost.js that very deliberately sends every form submission to a remote server. You can see some of the code of this on the Netcraft article in the summary (or or a direct link to the image)

When you see the image, you can see that it was obviously a deliberate attempt to steal credentials.

I don't want to step on your rant, but most US Gov websites i've seen.. are on linux. I would guess much of the infrastructure is the same. End-user computers are mostly windows boxes though. With those come exchange and sharepoint and blah blah. But the critical stuff appears to be linux/bsd. You can check here: http://toolbar.netcraft.com/site_report?url=whitehouse.gov

Also, the last time i saw a Certificate of Networthiness list.. there was plenty of OSS approved: apache, php, python, putty, RHEL, firefox blah blah.

As far as the rest of your post is concerned.. i have no facts one way or the other.

And I dont know what a BSD is (BS device?) but it cant be very good if its free.

http://news.netcraft.com/ Damn, I see FreeBSD and Linux as the most used servers for Web Hosting. Considering FreeBSD is a specific Operating system and NOT a generic name such as Linux, I find that even more impressive.

Not fucking bad asshole for free now is it.

Could this be related too? Perhaps they will get a cheap upgrade to Windows Server they use?

http://toolbar.netcraft.com/site_report?url=http://www.bigpond.com

Latest movie or Linus/RMS? Which would you choose? *g*

Besides jokes, I always, blindly stayed away from ISPs using "Windows Server" since it tells a lot about the quality of staff and management. Of course I understand it is not always possible.