Slashdot Mirror
Domain: norton.com
Stories and comments across the archive that link to norton.com.
Comments · 107
-
Malware found on sourceforge too
See subject & a malware on sourceforge https://safeweb.norton.com/rep...
APK
P.S.=> As I said - it's getting outta control & the "bad guys" ARE attacking even sourcecode others use in OpenSORES or hosting malware outta the OpenSORES repositories like github &/or sourceforge too.... apk
-
Malware found on sourceforge too
See subject & malware on sourceforge https://safeweb.norton.com/rep...
APK
P.S.=> Like I said - it's getting outta control & the "bad guys" ARE attacking even sourcecode others use in OpenSORES or hosting malware outta the OpenSORES repositories like github &/or sourceforge too.... apk
-
Malware found on sourceforge too
See subject & a malware on sourceforge https://safeweb.norton.com/rep...
APK
P.S.=> Like I said - it's getting outta control & the "bad guys" ARE attacking even sourcecode others use in OpenSORES or hosting malware outta the OpenSORES repositories like github &/or sourceforge too.... apk
-
Malware found on sourceforge too
See subject & a malware on sourceforge https://safeweb.norton.com/rep...
APK
P.S.=> Like I said - it's getting outta control & the "bad guys" ARE attacking even sourcecode others use in OpenSORES.... apk
-
Malware found on sourceforge today too
See subject & a malware on sourceforge https://safeweb.norton.com/rep...
APK
P.S.=> Like I said - it's getting outta control & the "bad guys" ARE attacking even sourcecode others use in OpenSORES.... apk
-
Re:Weren't the 'stores' supposed to protect us?
-
Re: The ONLY reason I own an Iphone.
I'll agree it happens far less frequently but it does happen: https://us.norton.com/internet...
-
Re:Doesn't have to be the fastest.
Did you try googling it?
First result: https://us.norton.com/internet...
Try again.
That was over 2 years ago, affected pretty much only people who didn't want to bother downloading the FREE XCode from the App Store (for WHATEVER inexplicable reason!), and was actually never PROVEN to contain Malware, IIRC).
And even if it WAS infected, that's STILL 699,999 : 1
Hardly "Plenty" by ANY definition.
-
Re:Doesn't have to be the fastest.
Did you try googling it?
First result: https://us.norton.com/internet...
-
More information
The article is unfortunately lacking in details. From what I can tell, the malware scan is triggered when Facebook believes the account is posting spam. In fairness, there is a lot of malware-related spam that gets posted on Facebook and they have a legitimate reason to keep it off their site.
The problem is the complete lack of transparency and that the antivirus products can remove and share information about files in your computer. There has to be a much better way to do this. For example, Facebook could explain the actual reason for flagging the account as potentially spreading malware. The user could be faced with a temporary ban on posting that gets longer if they continue to allow malware to make spam posts. The ban will be lifted as well by running a malware scan that validates the system is clean. Give the user a choice to wait out a temporary posting ban and clean their system, or run the tool. That seems like a fairer way to prevent malware from spreading.
As for when Facebook locks users out of their accounts, it seems like contacting the Better Business Bureau is a good way to force the issue to be resolved: https://community.norton.com/en/forums/i-have-been-blocked-logging-facebook-it-claims-i-have-malware-and-must-add-eset-program-scan. At least one user suggested that they are responsive to such complaints.
-
FORGOT THIS SOURCE (nigh constant updates)
See subject & NORTON SafeWeb http://safeweb.norton.com/buzz/ that updates every few minutes above & beyond the 10 sources in my program from the security community (+ 16 security blogs I noted I use here too https://slashdot.org/comments.pl?sid=11424811&cid=55655747/ ).
* That's 27 security sites in TOTAL I use that update AROUND THE CLOCK!
APK
P.S.=> FUNNY you won't tell me WHERE OpenDNS gets its data & prove it's better than I use in security community researchers + how you AVOID the FACT DNS has massive security issues I enumerated https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/ & that it TAKES TIME for DNS to propogate across SUBORDINATE dns servers + that malwaremakers/botnet herders etc. (bad guys) have to PAY for domains/subdomains & THEY TOO HAVE TO WAIT OUT 24 hr. DNS updates for their malicious sites (so your CRAP on 'every millisecond' updates @ OpenDNS is lies!)... apk
-
I have for months now (malware servers there)
I have for months now (malware sites hosted there) shown RIGHT NOW as I write this, here https://safeweb.norton.com/buzz/ as (going to 'obfuscate this' as I see it done on many security site blogs) https://safeweb.norton.com/rep... stating that site is serving up exploits/malicious bs from it via imgur[.]ru...
APK
P.S.=> See subject - THAT is FAR from a "1st" too - & when THAT happens? I block the ENTIRE DOMAIN off in hosts after that much evidences of it... apk
-
I have for months now (malware servers there)
I have for months now (malware sites hosted there) shown RIGHT NOW as I write this, here https://safeweb.norton.com/buzz/ as (going to 'obfuscate this' as I see it done on many security site blogs) https://safeweb.norton.com/rep... stating that site is serving up exploits/malicious bs from it via imgur[.]ru...
APK
P.S.=> See subject - THAT is FAR from a "1st" too - & when THAT happens? I block the ENTIRE DOMAIN off in hosts after that much evidences of it... apk
-
Re:AVG uses INSECURE connections too.
Well my friend, times of changed. One thing I've learned about brand loyalty is that my loyalty changes when the underlying people that constitute the brand changes. So yes, AVG was great in the early mid 2000's, but now, succumbed to scummy tool-bar practices. Meanwhile, products such as ZoneAlarm, Lavasoft, and Spybot Search and Destroy have long been superseded by more advanced anti-malware products and advancements in newer Windows versions (7, 8 , Win10 etc).
Time is money. While yes, you aim to provide results, you're really selling time; however much time a client is willing pay to reach that goal. Some will do a flat-fee. I don't. OTOH, it's often not worth a client burning half the cost of upgrading/repairing a computer if it's more than five years old too. It's why I focus more on the aspects of consulting and data migration along with backup solutions vs just the machine itself. It's a tool. Tools change. But the business objectives and interests of people often don't change nearly as much as the underlaying platform.
Ok, that advice aside, if you're looking for a Free AV solution, try the FortiClient. It's ranked up there really high and does a pretty good job a blocking 'malvertisements' from what I understand. As for a first-line of defense, for residential users (not business due to terms of agreement), Norton ConnectSafe does a good job a stoping a lot of malvertisements too at the DNS level. OpenDNS does the same thing at the more granular level, but it also requires a subscription. This would be good for a SOHO or SMB. Above and beyond that, you're looking at using a Next-Generation Firewall (NGFW) for first-line of defense.
-
Re:PMITA for u
He's in a documentary that's from before he was shipped here and while he was serving time in Romania. It's called something like, "The Most Dangerous Town on the Internet." It's worth watching and is easily found online at your favorite torrent site - it was free in a bundle thingy (I think) but I'm sure there are many ways to get it - there's probably streaming versions.
There are two of them. Almost the same titles. Links below. Both produced by Norton(TM) == Symantec (TM) Antivirus. Nonetheless, they were both worth the 20 minutes of each – time well spent. Just keep in the back of your mind, while watching, that Symantec produced them both, and that Symantec has a stake in having people scared. Even for those in-the-know, you will find the videos informative---They are mostly interviews of people, black-hats and white-hats, so you can hear their voices, watch their body language, and hear (an edited version of) what they have to say. . . and why they do what they do.
Before the links, I recall a trojan that I wrote in 1987, and uploaded to my local BBS, which updated daily with BBS's in other States of the US. It was a seriously damaging trojan, but only potentially so. It was so clumsily written (in BASIC on DOS 3.3) that I doubt that anyone ever clicked on the "Yes, Format my boot-up drive" button. . . or text-entry "Y or N?" line. (I forget which.) I was just trying to get my $50 bounty from Norton for 'discovering' a new malware 'in the wild,' for which they advertised so heavily in computer magazines back then. They never paid me.
LINKS (not embedded, but you can copy-paste, can't you?):
http://us.norton.com/mostdange...
https://www.youtube.com/watch?... -
Tell you what: THESE *may* help... apk
They CAN function as decent indicators (provided this isn't some "brand new" site they haven't tested):
http://safeweb.norton.com/buzz
http://www.siteadvisor.com/
http://wepawet.iseclab.org/
http://www.mywot.com/en/commun...
http://www.virustotal.com/
http://www.mcafee.com/us/mcafe...
http://www.malwareurl.com/list...
http://cbl.abuseat.org/lookup....
http://www.threatstop.com/chec...
http://www.avgthreatlabs.com/s...* You can run sites OR IP Addresses thru them to check *ANY* sites you wish that you're unsure of... enjoy!
APK
P.S.=> In fact, I built hooks into those into this application of mine (in its "Site Checkers" menu, pictured below) that allows users of my APK Hosts File Engine 9.0++ 32/84-bit-> http://start64.com/index.php?o... to answer the SAME basic question you have - in case they wish to remove any sites blocked in the hosts file data imported, these sites give them a FAR MORE DECENT INDICATOR than mere "word-of-mouth"... apk
-
They note other servers for "cloud" too... apk
I've been seeing a LOT of amazon-based ones out of Norton SafeWeb for months now -> http://safeweb.norton.com/buzz
Additionally/Per my subject-line above - & Also, from other sources like this (malwr) https://malwr.com/ per the article here indicating other cloud services might be affected & abused thus:
Many are from a "cloudfront.net" server too from this sources also - like the one named "d1fob1nj1hlyjr.cloudfront.net" shown there now, for example...
(Usually with randomized names, the mark of "DGA" utilizing botnets many times, & like that one as of today's date/past few days - before malwr went down "for the count" as they just did sadly a couple days back, & they were a pretty good daily source for populating my custom hosts file vs. these threats too, + of course).
APK
P.S.=> Still, as to cloudfront - not *really* sure offhand @ least, & minus research on that latter server though, admittedly, but it may also "fit the pattern" here as well (just a "heads-up" for those of you interested) & *may* actually BE one of the "other cloud-based services" being abused also.... apk
-
Re:Use public DNS
Looks like they have 3 different sets. https://dns.norton.com/dnsweb/huConfigureRouter.do -- link shows up after clicking on home user; configure router etc. the 3 sets differ in that they attempt to help with malware, malware+pornography, and malware+porn+non-family-friendly.
-
Use public DNS
Google DNS is 8.8.8.8. and 8.8.4.4
Open DNS is 208.67.222.222 and 208.67.220.220Norton Safe Connect (personal use, not for business) is 199.85.126.10 and 199.85.127.10. Supposed to protect against malware, phishing sites, and scams.
https://dns.norton.com/dnsweb/homePage.do -
Norton
so many people love to bash norton and/or symantic, but those people clearly have NOT used norton antivirus since prior to 2009.
since that revamp in 2009, norton antivirus is the lightest-weight, smoothest running antivirus on older, slower windows computers. period. yes, norton. not microsoft mce, not avast, certainly not avg, bit defender, kaspkersky, eset, or any others. norton.
download and try it.. i dare you to honestly, truly find an antivirus for an older windows computer that runs better... you wont. sorry to disappoint you norton haters. there isn't one.
http://us.norton.com/support/redirects/redirect.jsp?type=latestnav
in addition to this.. firefox + adblock with easylist, easylist privacy, and malware domains subscriptions. a must on any internet-connected pc.
-
Agreed, 110% (unfortunately)... apk
The reason I state this, is because I've been building up a successful blacklist (albeit NOT vs. "spam" or phishers only, but more vs. online threats in maliciously scripted sites &/or servers known to serve up malware etc.):
Yes, thus - I'd have to say, based on 15++ yrs. of experience doing it (based on reputable & reliable sites listed below) that yes, MOST of it comes from those nations (& that's why I said "unfortunately" in my subject-line - since I know their people are NOT "all bad", just that they have a lot of what you state going on).
I base this not only on "opinion" but HARD DATA too!
From a list I apply in custom hosts files of over 1,967,147 such bogus sites/servers that grows by almost 200 - 2,000 such sites each day, approximately (that *might* strike some of you as "fantastic", but it's real)... I get my data from the following sites:
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://winhelp2002.mvps.org/hosts.htm
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://safeweb.norton.com/noscript/
http://mirror1.malwaredomains.com/files/
http://hostsfile.org/hosts.html
http://www.malwareurl.com/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://www.safer-networking.org/dl/
http://amada.abuse.ch/palevotracker.phpAND, then I import, consolidate, sort, & deduplicate that data using this application I wrote to do so:
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
Why? Simple - it works, & on the SIMPLEST PRINCIPLE OF ALL: What you can't touch, can't hurt you... & I never was the type of person to just "sit around & take it" - I do something about it, IF possible. The above IS my possible, and it is possible & works (in combination with all I put into this security guide I authored from 1997-2007, here -> http://www.google.com/search?hl=en&output=search&sclient=psy-ab&q=%22How+to+SECURE+Windows+2000/XP%22&btnG=Submit&gbv=1&sei=PjNrUcDVGpSz4AOJuIHQDQ that works on the BEST THING WE HAVE GOING: "Layered-Security"/"Defense-in-Depth"... & yes, it works! )
APK
P.S.=> Any questions?
... apk
-
I do pretty much the same here... apk
Except I completely control it locally @ the fastest level of operations possible (the TCP/IP stack running in PnP designed kernelmode/rpl 0/ring 0 operations) as a filter:
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
(What custom hosts files do for me in added value for better speed, security, reliability, & even anonymity to an extent is listed there in 16 discrete points...)
* "Auto-Magically" populating & creating a custom hosts file from 14++ reputable & reliable sources for data for protecting vs. known malicious sites/servers/hosts-domains:
http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://mirror1.malwaredomains.com/files/
http://hostsfile.org/hosts.html
http://someonewhocares.org/hosts/
http://www.malwareurl.com/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://winhelp2002.mvps.org/hosts.htm
http://hostsfile.mine.nu/downloads/
http://safeweb.norton.com/buzz
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
http://amada.abuse.ch/palevotracker.phpAPK
P.S.=> Best part is, it's not only of value for security, but also for added:
---
1.) Speed (via blocking adbanners as well as bogus sites online, but also via "hardcoding" your favorite sites into it for FASTER IP address resolution locally than from remote DNS servers (which have faults in them, many of which remain unpatched vs. the Kaminsky DNS redirection poisoning flaw, 1/2 a decade++ later AFTER its discovery -> )
2.) Reliability (vs. said unpatched flaw above OR downed remote DNS servers)
3.) To an extent, anonymity (vs. DNS request logs)
---
... apk
-
Good one: Here's more... apk
Sources for custom hosts file data for a myriad of purposes, all listed here (which THIS VERY PROGRAM uses):
---
APK Hosts File Engine 5.0++ 32/64-bit:
---
SOURCES IT USES FOR CUSTOM HOSTS FILE DATA INTAKE:
http://safeweb.norton.com/buzz
http://hosts-file.net/?s=Download
http://hostsfile.org/hosts.html
http://winhelp2002.mvps.org/hosts.htm
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=all
http://www.malware.com.br/cgi/submit?action=list_hosts_win_0000
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/
http://sysctl.org/cameleon/hosts
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://hostsfile.mine.nu/downloads/
---
* HOWEVER: You don't NEED TO KNOW THAT, since the program above uses most all of those sources listed above, & does the work for you, of - Import, Deduplicate & Filter/Normalize + Convert blocking address format used, Speed up hardcoded favorites (which ARE what can solve redirection problems in DNS & most likely here too with facebook mind you), & Save to hosts itself... from those very reliable & reputable sources for custom hosts file data online!
APK
P.S.=> Enjoy if you use the program I wrote above, & good on your part to see here that you have enough sense to take advantage of custom hosts files for better online speed, security, reliability, & of course, even better anonymity (to an extent, vs. DNS request logs OR vs. DNSBL's you may not like too)...
... apk
-
Re:Submitter here...
If you have friends with specialized tools to detect this kind of thing... did you consider asking one of them to take a look at your device and/or recommend a security app?
I'm one of the doubters. I don't think you were hacked. But check out the major Anti virus companies products, I'm sure they would love to take your money and give you the peace of mind you've been lacking.
http://www.f-secure.com/en/web/home_global/mobile-security
http://us.norton.com/norton-mobile-security/
https://www.mcafeemobilesecurity.com/products/android.aspx -
Re:So?
Personally, I think the feature works really well. Especially against the "Padded Fresh! Just for You!!" fakeAV malware trojan files out there today.
In fact:
many of the antivirus firms are doing hash based reputation scanning.
-
Re:opendns
I haven't said anything good about Symantec in awhile, but Norton DNS provides this free for home AND commercial use.
Two limitations, it only has 3 levels of filtering to choose from and no whitelist options that I'm aware of...
Levels include:
1) Spyware
2) Spyware + Porn
3) Spyware + Porn + File SharingJust need to use their DNS servers. There are obviously ways to circumvent the filtering, but those individuals will at least be learning other (valuable?) skills if they learn how.
-
"The OffSpring" said it best, in "All I Want"...
http://www.youtube.com/watch?v=us8OhI-OTHg
"Day after day your home life's a wreck
The powers that be just
Breathe down your neck
You get no respect
You get no relief
You gotta speak up
And yell out your piece
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
How many times is it gonna take
Till someone around you hears what you say
You've tried being cool
You feel like a lie
You've played by their rules
Now it's their turn to try
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
I said it before
I'll say it again
If you could just listen
Then it might make sense"* A huge "amen" to that...
I.E.-> Many of "the powers that be" are DOING IT WRONG!
They ought to be using their control of "the pipes/tubes" on the internet to do what GOOD "filering" DNS servers are up to, which is filtering out KNOWN SOURCES of malicious content online!
(E.G.-> malware, malicious script, poisoned banner ads, sites that serve up malicious content in general, spam, & phishing mails also, etc./et al...).
No, instead, this is what folks get - spying on them? WTF!
Good filtering DNS servers for people to consider using (since I noted them above):
Options for "DNSBL filtered 'secured'" DNS servers for single system users/non-networked users (on the job using AD networks or otherwise):
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as
-
"The OffSpring" said it best, in "All I Want"...
http://www.youtube.com/watch?v=us8OhI-OTHg
"Day after day your home life's a wreck
The powers that be just
Breathe down your neck
You get no respect
You get no relief
You gotta speak up
And yell out your piece
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
How many times is it gonna take
Till someone around you hears what you say
You've tried being cool
You feel like a lie
You've played by their rules
Now it's their turn to try
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
I said it before
I'll say it again
If you could just listen
Then it might make sense"* A huge "amen" to that...
I.E.-> Many of "the powers that be" are DOING IT WRONG!
They ought to be using their control of "the pipes/tubes" on the internet to do what GOOD "filering" DNS servers are up to, which is filtering out KNOWN SOURCES of malicious content online!
(E.G.-> malware, malicious script, poisoned banner ads, sites that serve up malicious content in general, spam, & phishing mails also, etc./et al...).
No, instead, this is what folks get - spying on them? WTF!
Good filtering DNS servers for people to consider using (since I noted them above):
Options for "DNSBL filtered 'secured'" DNS servers for single system users/non-networked users (on the job using AD networks or otherwise):
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as
-
I supplement custom hosts files w/ better DNS too
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apk/b
-
I supplement custom hosts files w/ better DNS too
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apk/b
-
Options for "DNSBL filtered 'secured'" DNS servers
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apkb
-
Options for "DNSBL filtered 'secured'" DNS servers
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apkb
-
2 things (absolutely FREE)... apk
1st - Better FILTERING DNS servers & 2nd - A program that creates a custom HOSTS file (I wrote it) that's both 32-bit &/or 64-bit for Windows:
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Then there is also this program I wrote that 2 makers of custom hosts file data are hosting for me (hpHosts/malwarebytes + hostsfile.org/securemecca.com):
You simply extract its files to ANY folder you like (usually one you create for it, doesn't matter where, but you MUST run it as administrator (simple & the "read me" tab shows how easy THAT is to do):
What's it do for you?
It's a custom hosts file mgt. program that does the following for end users (Calling it "APK Hosts File Engine 5.0++")
---
1.) Offers massively noticeable increased speed for websurfing via blocking adbanners
2.) Offers increased speed for users fav. sites by hardcoding them into the hosts file for faster IP address-to-host/domain name resolutions (which sites RARELY change their hosting providers, e.g.-> of 250 I do, only 6 have changed since 2006 - & when sites do because they found a less costly hosting provider? Then, they either email notify members, put up warnings on their pages, & do IP warnings & redirectors onto the former IP address range to protect vs. the unscrupulous criminal bidding on that range to buy it to steal from users of say, online banking or shopping sites).
3.) Better "Layered-Security"/"Defense-In-Depth" via blocking host-domain based attacks by KNOWN bad sites-servers that are known to do so (which IS, by far, the majority of what's used by both users (hence the existence of the faulty but for most part working DNS system), AND even by malwa
-
2 things (absolutely FREE)... apk
1st - Better FILTERING DNS servers & 2nd - A program that creates a custom HOSTS file (I wrote it) that's both 32-bit &/or 64-bit for Windows:
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Then there is also this program I wrote that 2 makers of custom hosts file data are hosting for me (hpHosts/malwarebytes + hostsfile.org/securemecca.com):
You simply extract its files to ANY folder you like (usually one you create for it, doesn't matter where, but you MUST run it as administrator (simple & the "read me" tab shows how easy THAT is to do):
What's it do for you?
It's a custom hosts file mgt. program that does the following for end users (Calling it "APK Hosts File Engine 5.0++")
---
1.) Offers massively noticeable increased speed for websurfing via blocking adbanners
2.) Offers increased speed for users fav. sites by hardcoding them into the hosts file for faster IP address-to-host/domain name resolutions (which sites RARELY change their hosting providers, e.g.-> of 250 I do, only 6 have changed since 2006 - & when sites do because they found a less costly hosting provider? Then, they either email notify members, put up warnings on their pages, & do IP warnings & redirectors onto the former IP address range to protect vs. the unscrupulous criminal bidding on that range to buy it to steal from users of say, online banking or shopping sites).
3.) Better "Layered-Security"/"Defense-In-Depth" via blocking host-domain based attacks by KNOWN bad sites-servers that are known to do so (which IS, by far, the majority of what's used by both users (hence the existence of the faulty but for most part working DNS system), AND even by malwa
-
Re:Should be opt-in..
Norton DNS provides a fairly good job and different levels levels.
I use it for just basic malware and phishing protection, but it has level 2 filtering for just malware and porn domains, and 3 which is family unfriendly sites. A DNS option is a much better solution and easy for an ISp to write a tiny program that can setup your router to the right DNS for filtering.
If you want to refine it there are parental controls if you run Windows 7 where you can block keywords. Many routers do this too now if the user is educated enough to know what 192.168.1.1 is.
Of course nothing is perfect but NortonDNS is used by many school and is pretty decent. I may hate their anti virus product but it does nice things as my own DNS service for just the malware protection only.
-
Re:link here
The link is here.
Messed up the tags
-
Oh, really? More like YOUR LIES (with proof)
"4. You lie - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)
That was specifically in regards to DNS request logs, where I show they cannot track you...
Thus, YOU LOSE/YOU FAIL, as usual & anyone can read it here now too, in my requoting myself on it WITH the actual link & text + context I used (regarding DNS tracking logs)...
(Where you not only PARTIALLY QUOTED ME, a weak "troll tactic", but altered my post when you did in your last reply (doubly weak)).
These were my original words, used in the context of DNS request logs, specifically:
"Not with DNS request logs for my hardcoded favorites they don't & CAN'T if I don't query a DNS server of theirs? No possible tracking" - by Anonymous Coward on Friday May 04, @01:45AM (#39886991) FROM -> http://linux.slashdot.org/comments.pl?sid=2820335&cid=39886991
Plus, I even specifically noted in my replies here that DPI can track you, but they do NOT do THAT to everyone...
(U FAIL AS USUAL & on bogus tactics too... lol!)
---
"1. you say that you get it faster. for one you have no source to prove it"" - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)
WTF? Ok - Check how often Norton SafeWeb for example, updates (They're another one of my respected security community sources I didn't mention earlier alongside ZEUS & SPYEYE trackers, + hpHosts/malwarebytes too) here:
http://safeweb.norton.com/buzz
* AGAIN, "U FAIL"... totally "EPIC FAIL #2", lol...
---
"for two, it still takes days/weeks before you're "protected", so yes, you (or anyone relying on your "guide") are doomed. you loose." - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)
LOL, considering I don't use JAVA, javascript, Adobe plugins OR others? How can I be "infested"?? Clue - I can't... those are the things used against users by malware makers... lol!
(I do it via Opera's options for this BY SITE, & by default, I keep it OFF for all sites, & only make exceptions for ones I KNOW are safe that I need to activate them on (plus, I haven't had an infection of ANY KIND since 1996/16++ years now as proof too)).
Plus again - I DO GET UPDATES TO MY HOSTS FILE EVERY 15 MINUTES (quicker if I wish too) & FROM SITES THAT ARE REPUTABLE SECURITY SITES and respected too! The odds of my entering your malicious site you intend to create before I update it is astronomical as well, and I won't click on links you post either...
(Man, are you dumb!)
---
"3. and you are an idiot, I didn't say caching was useless (it is useful and fast as opposed to disk I/O), but it's moot as a point for how fast your access to website has become "thanks" to your host file." - by Anonymous Coward on Friday May 04, @02:52PM (#39893819)
Well, since my word isn't good enough on how much speed gain one gets from a custom HOSTS file? Once more:
I'll post your
A RETURN TO THE KILLFILE:
http://www.securityfocus.com/columnists/491
Some "PERTINENT QUOTES/EXCERPTS" to back up my points with (for starters):
---
"The host file on my day-to-day laptop is now over 16,000 lines long. Accessing the Internet -- particularly browsing the Web -- is actually faster now."
---
"I want my surfing speed back so I block EVERY fucking ad. i.e. http://someonewhocares.org/hosts/ and
-
Re:Assuming you're not just "trolling" (u are)?
1.) DNS has issues, for starters: Would you like a list of problems it's seen over time? Just ask. See below also...
---
2.) You're also adding on "weight" of extra programs that the hosts file can do the SAME JOB FOR, for less!
Especially for a home setup using a single system only.
Since hosts files are simply a filter for the ring 0/rpl 0/kernelmode Pnp designed (Windows &/or MacOS X) IP stack based on the best there is in BSD ones (most all OS are here)? They are less layered on b.s. & thus, are more efficient.
I.E.-> The IP stack, as well as the ring of privelege/CPU opertions it runs from? It is as fast & efficient as it gets, vs.:
A.) Loading on more programs like a local DNS server, especially in recursive mode!
(Potential DNS poisoning/redirect problems & can be done in SECONDS over the 51/53 port series iirc)
B.) Doing so results in eating up more CPU cycles, RAM, & other forms of I/O needlessly & illogically... as well as electric power too.
---
HOWEVER:
I can see using a DNS server, IF you have an Active Directory OR have to manage 100's to 1,000's of servers, but not for a single PC @ home!
(Mainly due to what I wrote above regarding electrical power usage, since programs do NOT "run for free", as well as CPU, RAM, & other forms of I/O)...
Still - To each his own on that account... there's logical ways of doing things, & illogical wasteful ways too.
---
DNS issues? It's even being noted in security forums today @ SOPHOS, here:
Regarding Anonymous making threats to "take down" the root 13 DNS servers!
Yes - it is a possible, but unlikely, possibility of happening!
However, DNS poisoning & redirects, especially to recursive setups of DNS, and odds are you HAD to do that on yours most likely too?
No mere possibility of problems...(Again - want evidences of that? Ask!)
APK
P.S.=> Of course, IF you need DNS services (and we all do, even hosts file users) and you are a single system user especially?
These are excellent options:
Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:
Norton DNS -> http://nortondns.com/
ScrubIT DNS -> http://www.scrubit.com/
OpenDNS -> http://www.opendns.com/(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)
That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!
(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)
ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!
( & it's possible to use ALL THREE in your hardware NAT
-
Re:Use a Mac in Enterprise
Its probably an automatic scan like the one that gets setup by Norton. After all, the technical competency of certain desktop users has always been questionable.
-
Re:And people ask me why I don't use Chrome
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ [nortondns.com] & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz [norton.com] as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do [norton.com]
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ [scrubit.com] & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq [scrubit.com]
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free [opendns.com]
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH [bing.com]
-
Re:And people ask me why I don't use Chrome
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ [nortondns.com] & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz [norton.com] as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do [norton.com]
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ [scrubit.com] & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq [scrubit.com]
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free [opendns.com]
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH [bing.com]
-
Re:May have?
It's hard to take anything Symantec says seriously as regards security. They have every incentive to make things seem far worse than they really are. Does Symantec offer an antivirus for Android?
Yes they have a number of products for Android, so yes they aren't exactly non-biased.
-
Good DNSBL filtering DNS servers 4 security
That actually use "DNSBL filtered 'secured'" DNS servers for the purposes of security online:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> DNS has issues though, period - it needs SOMEKIND of "Revision" for IPv4 @ least: Especially if DNS servers are set into "recursive mode", as I am SURE YOU OF ALL PEOPLE REALIZE! DNS's VERY susceptible to DNS redirection poisoning (over port 53 via UDP/TCP, iirc)...
HOWEVER?
DNS' better than trying to say, lol, hardcode in EVERY hosts-domain to IP address possible in a custom HOSTS file for example (keeping up with the changes would be the problem as far as "hardcoding in" the equation records). HOSTS are better used for doing a small group of "favorites" (sort of a 'little black book' of girls' phone #'s basically instead of looking through the ENTIRE phonebook each time etc.) &/or BLOCKING OUT known malicious sites/servers/hosts-domains + adbanners (for speed & yes, even security, because banner ads have had their share of malicious script code in them also over time as well).
The way that I use them in layered/phalanx style defensive formation noted above helps for security, bigtime & especially by using ALL of them in "layered-security"/"defense-in-depth" style I noted above in BOTH hardware &/or software setups of the IP stack + router level security... in combination simultaneously, along with other means (like I use in a custom HOSTS file, + AdBlock/NoScript/IE9 TPL's, Opera urlfilter.ini, IE restricted zones, etc., vs. online threats mostly))
... apk
-
Good DNSBL filtering DNS servers 4 security
That actually use "DNSBL filtered 'secured'" DNS servers for the purposes of security online:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> DNS has issues though, period - it needs SOMEKIND of "Revision" for IPv4 @ least: Especially if DNS servers are set into "recursive mode", as I am SURE YOU OF ALL PEOPLE REALIZE! DNS's VERY susceptible to DNS redirection poisoning (over port 53 via UDP/TCP, iirc)...
HOWEVER?
DNS' better than trying to say, lol, hardcode in EVERY hosts-domain to IP address possible in a custom HOSTS file for example (keeping up with the changes would be the problem as far as "hardcoding in" the equation records). HOSTS are better used for doing a small group of "favorites" (sort of a 'little black book' of girls' phone #'s basically instead of looking through the ENTIRE phonebook each time etc.) &/or BLOCKING OUT known malicious sites/servers/hosts-domains + adbanners (for speed & yes, even security, because banner ads have had their share of malicious script code in them also over time as well).
The way that I use them in layered/phalanx style defensive formation noted above helps for security, bigtime & especially by using ALL of them in "layered-security"/"defense-in-depth" style I noted above in BOTH hardware &/or software setups of the IP stack + router level security... in combination simultaneously, along with other means (like I use in a custom HOSTS file, + AdBlock/NoScript/IE9 TPL's, Opera urlfilter.ini, IE restricted zones, etc., vs. online threats mostly))
... apk
-
Good Job Microsoft - "3 cheers for MS"... apk
This is good stuff from the fellas @ MS, no matter what the "naysayers" say (usually "pro-*nix" trolls around here with their "down with ms" & "down with Windows" b.s. OR putting down Mr. Gates, etc./et al)...
* Especially about the part of distributing it around all to other parties that could use it!
I mean, hey: I could use that data for security purposes myself!
Now - IF they're ANYTHING like that Norton/Symantec's doing here for instance -> http://safeweb.norton.com/buzz
I.E.-> Showing feeds of what malware their distributed worldwide software (NAV etc.) is collecting for populating their security wares AND to doubtless fill Norton DNS' blocking DNSBLs with too (filters vs. known malicious sites) -> https://dns.norton.com/dnsweb/homePage.do
?
This effort by MS is going to be VERY useful (especially to security professionals relating to IT/IS/MIS etc./et al!)
I only hope they open that data up to individuals like myself, as Norton (& others, but not from commercial concerns usually I have found @ least) has, shown above.
APK
P.S.=> Heck - I say it's useful, because basically, it's the SAME basic reason I integrate HOSTS file data from all of the reputable & reliable sources online for that - to share with others, for the overall GOOD of all...
... apk
-
Good Job Microsoft - "3 cheers for MS"... apk
This is good stuff from the fellas @ MS, no matter what the "naysayers" say (usually "pro-*nix" trolls around here with their "down with ms" & "down with Windows" b.s. OR putting down Mr. Gates, etc./et al)...
* Especially about the part of distributing it around all to other parties that could use it!
I mean, hey: I could use that data for security purposes myself!
Now - IF they're ANYTHING like that Norton/Symantec's doing here for instance -> http://safeweb.norton.com/buzz
I.E.-> Showing feeds of what malware their distributed worldwide software (NAV etc.) is collecting for populating their security wares AND to doubtless fill Norton DNS' blocking DNSBLs with too (filters vs. known malicious sites) -> https://dns.norton.com/dnsweb/homePage.do
?
This effort by MS is going to be VERY useful (especially to security professionals relating to IT/IS/MIS etc./et al!)
I only hope they open that data up to individuals like myself, as Norton (& others, but not from commercial concerns usually I have found @ least) has, shown above.
APK
P.S.=> Heck - I say it's useful, because basically, it's the SAME basic reason I integrate HOSTS file data from all of the reputable & reliable sources online for that - to share with others, for the overall GOOD of all...
... apk
-
Me too (but 4 DIFF. reasons)... apk
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH
... apk
-
Me too (but 4 DIFF. reasons)... apk
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH
... apk
-
How's DNSBL going to "harm security"?
Explain how DNSBL adversely affects SECURITY specifically someone, please (per this quote from the article here today):
"the method of DNS filtering proposed to block supposed infringing sites opens up enormous security holes that threaten the stability of the internet itself"
Because I have seen DNSBL's be used to AID SECURITY, ala:
---
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
I.E./E.G.-> I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary) - I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side)...
* Which are ALL/EACH examples of "filtering" DNS that use DNSBL's FOR THE GOOD of others online (to block out KNOWN BAD SITES/SERVERS ONLINE!).
APK
P.S.=> Now, some b.s. artist MAY mean that DNSBL's (DNS Block Lists) "harm":
1.) Illegal file sharers' "freedoms" (freedoms to STEAL is about it), but that's NOT about security being harmed @ all, whatsoever...
2.) Nor is it harming "freedom of speech" if DNSBL's are kept strictly to blocking out known bad sites/servers that serve up malicious scripted exploits, malwares, & the like (and YES, illegally shared files along with child pornography & the like etc./et al)...
... apk/b
-
How's DNSBL going to "harm security"?
Explain how DNSBL adversely affects SECURITY specifically someone, please (per this quote from the article here today):
"the method of DNS filtering proposed to block supposed infringing sites opens up enormous security holes that threaten the stability of the internet itself"
Because I have seen DNSBL's be used to AID SECURITY, ala:
---
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
I.E./E.G.-> I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary) - I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side)...
* Which are ALL/EACH examples of "filtering" DNS that use DNSBL's FOR THE GOOD of others online (to block out KNOWN BAD SITES/SERVERS ONLINE!).
APK
P.S.=> Now, some b.s. artist MAY mean that DNSBL's (DNS Block Lists) "harm":
1.) Illegal file sharers' "freedoms" (freedoms to STEAL is about it), but that's NOT about security being harmed @ all, whatsoever...
2.) Nor is it harming "freedom of speech" if DNSBL's are kept strictly to blocking out known bad sites/servers that serve up malicious scripted exploits, malwares, & the like (and YES, illegally shared files along with child pornography & the like etc./et al)...
... apk/b