Domain: nortondns.com
Stories and comments across the archive that link to nortondns.com.
Comments · 27
-
Not a "bad idea", but... apk
"You are better off setting up upstream DNS server on router and use hosts file on that, but you are bound to memory on router." - by Anonymous Coward on Friday April 19, 2013 @05:47PM (#43498681)
That's actually NOT a "bad idea" because it offloads the RAM usage on a computer (once a hosts is cached in RAM by either the faulty with larger custom hosts files local dns clientside caching service OR by the local kernelmode diskcaching subsystem (that caches hosts file data when you have to turn off the faulty dns clientside cache service)).
Yes, you are correct that you'd be "memory-bound" on router memory limits (& NOT all routers have rules tables for that either, OR demand custom firmware mods)... but, it's also a way (other than doing it on a system that houses a DNS server program - most run in RPL 3/Ring 3/usermode though, vs. custom hosts merely acting as a filter for the IP stack itself in Ring 0/RPL 0/kernelmode - fastest mode of operations possible for software on a PC).
A DNS server program WILL respond to & obey blocks (or hardcodes for speed to favorite sites too) in custom hosts files, so yes/again - that IS a valid idea.
I just don't waste CPU cycles, RAM, & other forms of I/O that DNS servers (which waste a lot more power/electricity as a separate 'upstream machine' especially) or even DNS server programs running on a SINGLE system the way I do it... "less moving parts" complexity MY way, too!
HOWEVER:
I don't "hate" DNS servers!
In fact - I use them myself (since I don't attempt to resolve 'every host-domain there is online' via hosts, only my favorites @ the top of the file, 20 of them, which beats hashtable indexing or b-tree binary seeks past 2++ million records no less).
I use specialized REMOTE (not locally here as a separate redundant wasteful recursive server or even as a service/daemon) FILTERING DNS SERVERS that help block out malicious sites/servers/hosts-domains via DNSBLs:
---
Norton DNS:
198.153.192.1
198.153.194.1
198.153.192.60
198.153.194.60
198.153.192.50
198.153.194.50
198.153.192.40
198.153.194.40OpenDNS:
http://www.opendns.com/home-solutions/
208.67.222.222
208.67.220.220ScrubIT DNS:
67.138.54.100
207.225.209.66Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
ALL in layered formation in both my network connection AND my Cisco/LinkSys stateful packet inspecting router.
(Again - for the concept of "layered-security"/"defense-in-depth": The best thing we have going currently vs. malicious threats online & otherwise...)
APK
P.S.=> DNS also has KNOWN BIG ISSUES - ones I like to avoid by setting one up in recursive mode (which you DO have to do for them to update/be current) locally here either as a separate system OR even a single program on a single system (especially the unpatched for 1/2 a decade++ now "Kaminsky flaw" from ISP's especially, which also take longer for IP Address resolutions of host-domain names too mind you)... here is a list of SOME of them for your reference:
A DNS FLAWS LIST OVER TIME FOR REFERENCE (only partial):
---
DNS flaw reanimates slain evil sites as ghost domains: -> http://www.theregister.co.uk/2012/02/16/ghost_domains_dns_vuln/
---
BIND vs. what the Chinese are doing to DNS lately?: -> http://yro.slashdot.org/st
-
How I use BOTH custom hosts & DNS... apk
"That is why you should use a white-list private dns server" - by Anonymous Coward on Monday January 07, @12:36PM (#42506751)
Why should I run a DNS server @ home?
As a separate machine it would EAT UP ELECTRICITY, & truly add complexity I don't NEED!
On my single home system?
It would do the same, as well as eat up CPU cycles, RAM, & other forms of I/O for something I don't need vs. what the combination of custom hosts files (which yes, overcome some issues on DNS like dns poisoning, dns servers going down, slower resolutions from remote DNS) & yes, on the single system I have (@ home)!
---
IMPORTANT: & I can't stress THIS enough!
Also PER MY SUBJECT-LINE ABOVE, which is what I *think* you all mess up on, as to HOW I USE CUSTOM HOSTS FILES?
CLUE: I don't ATTEMPT to have every single host-domain name in existence resolved to IP address here!
What DO I ACTUALLY DO?
I 'hardcode in' only my 20 top favorites sites in it!
The rest of its entries are blocked out KNOWN malicious sites/servers/hosts-domains that serve up malicious script code, malware, phishing/spamming, adbanners, & such (which eat your bandwidth you pay for, as well as poison you).
Once more - I hardcode in where I spend 95% or more of my time online (for reliability vs. downed or DNS poisoned DNS servers, and for faster resolution from local address once they are reverse DNS pinged for proper resolution).
AND?
I use Filtering DNS servers I use (secured vs. malware, malicious scripted sites, phishing/spamming & more) external to my home:
---
Norton DNS:
198.153.192.1
198.153.194.1
198.153.192.60
198.153.194.60
198.153.192.50
198.153.194.50
198.153.192.40
198.153.194.40OpenDNS:
http://www.opendns.com/home-solutions/
208.67.222.222
208.67.220.220ScrubIT DNS:
67.138.54.100
207.225.209.66Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
To do the rest!
---
"instead of a blacklist
/etc/hosts file" - by Anonymous Coward on Monday January 07, @12:36PM (#42506751)I generate my custom hosts file via this security (and speed, reliability & performance enhancing) program I wrote:
Both in 32 bit &/or 64 bit form... why?
* Please - DO read what it does for you... it explains it in a short 16 point list, so you can UNDERSTAND how I utilize custom hosts files for security, speed, reliability, privacy, & more... & yes, it works!
APK
P.S.=> Sometimes, I TRULY do *think* you guys THINK I use hosts to "resolve the entire internet" & again, so it "sinks in":
NO, I don't DO that... see above!
(See what I use custom hosts for in that programs' link above (it will explain it to you without ME having to do it for the 100th time here on slashdot))...
... apk
-
That's NOT disproving my points... apk
Running a DNS server, for what? To add complexity & waste electricity on a SEPARATE system here?? NO thanks...
OR
Even running it as a service on my single system here (wasting memory, CPU cycles, & RAM + other forms of I/O too), for doing what a TIGHTLY INTEGRATED part of the IP stack already does in a custom hosts file does already??
Again - no thanks!
* Besides - DNS does have issues in redirection DNS poisoning as well (in recursive mode and odds are you HAVE to set it up that way)... yes, you can point to the roots, but it's not like those CAN'T be floored too (that's a possible).
I don't have DNS, I use them myself... however, I use specialized FILTERING ones (vs malicious exploits) from the list below:
Norton DNS:
198.153.192.1
198.153.194.1
198.153.192.60
198.153.194.60
198.153.192.50
198.153.194.50
198.153.192.40
198.153.194.40OpenDNS:
http://www.opendns.com/home-solutions/
208.67.222.222
208.67.220.220ScrubIT DNS:
67.138.54.100
207.225.209.66Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2APK
P.S.=> Disprove the list of points that custom hosts files give you that are in the link to my program... go for it (you obviously can't & that's that)...
... apk
-
Saves electricity, cpu cycles, RAM, I/O & more
Plus, what I do adds "layered-security"/"defense-in-depth", for less cost, since I supplement using hosts with filtering DNS servers!
However - Filtering DNS servers that are external to MY home & power bill here.
Thus, saving the electricity on doing it with a separate system especially (or just on cpu cycles, RAM, & other forms of I/O dns has if run as a service or daemon) + added complexity.
That's in BOTH my IP stack settings for DNS, as well as in my router, for "layered-security"/"defense-in-depth"... My p.s. below has the list I use.
What I do in my last posts' no trouble - happens for me "automagically", every 12 hours (or manually if I wish) - I designed it that way!
I do both (and a lot more security-wise) as a "security-supplement"'s to one another, & that's also no trouble @ all either - Despite DNS' known issues with recursive setups issues - yes, it's a known issue...
* So, & even if say, ICANN gets compromised & you pointed your DNS to it? I won't be @ least... how/why?
Well, since where I spend a good 99% of my time online's "hardcoded" @ the VERY TOP of my hosts file as favorites!
Thus - I resolve them, myself... & they are "reverse DNS" ping resolved (vs. the in-arpa "TLD" that keeps that information...) right when the hosts file's built...
APK
P.S.=> FILTERING EXTERNAL-TO-MY-HOME DNS SERVERS I UTILIZE IN COMBINATION WITH A CUSTOM HOSTS FILE (and a lot more, like NoScript in Mozilla based browsers etc./et al):
---
Norton DNS:
198.153.192.1
198.153.194.1
198.153.192.60
198.153.194.60
198.153.192.50
198.153.194.50
198.153.192.40
198.153.194.40OpenDNS:
http://www.opendns.com/home-solutions/
208.67.222.222
208.67.220.220ScrubIT DNS:
67.138.54.100
207.225.209.66Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
Again - I use those BOTH my IP stack settings for DNS, as well as in my router - for "layered-security"/"defense-in-depth"...
... apkb
-
"The OffSpring" said it best, in "All I Want"...
http://www.youtube.com/watch?v=us8OhI-OTHg
"Day after day your home life's a wreck
The powers that be just
Breathe down your neck
You get no respect
You get no relief
You gotta speak up
And yell out your piece
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
How many times is it gonna take
Till someone around you hears what you say
You've tried being cool
You feel like a lie
You've played by their rules
Now it's their turn to try
So back off your rules
Back off your jive
Cause I'm sick of not living
To stay alive
Leave me alone
I'm not asking a lot
I just don't want to be controlled
That's all I want
All I want
I said it before
I'll say it again
If you could just listen
Then it might make sense"* A huge "amen" to that...
I.E.-> Many of "the powers that be" are DOING IT WRONG!
They ought to be using their control of "the pipes/tubes" on the internet to do what GOOD "filering" DNS servers are up to, which is filtering out KNOWN SOURCES of malicious content online!
(E.G.-> malware, malicious script, poisoned banner ads, sites that serve up malicious content in general, spam, & phishing mails also, etc./et al...).
No, instead, this is what folks get - spying on them? WTF!
Good filtering DNS servers for people to consider using (since I noted them above):
Options for "DNSBL filtered 'secured'" DNS servers for single system users/non-networked users (on the job using AD networks or otherwise):
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as
-
I supplement custom hosts files w/ better DNS too
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imagine (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apk/b
-
Options for "DNSBL filtered 'secured'" DNS servers
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> IF you need help for how to set them up? Those pages instruct on that also, OR, you can ask (somehow I don't think you need the help though, but I am stating it just in case)... apkb
-
2 things (absolutely FREE)... apk
1st - Better FILTERING DNS servers & 2nd - A program that creates a custom HOSTS file (I wrote it) that's both 32-bit &/or 64-bit for Windows:
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
D.) Plus:
Comodo Secure DNS:
http://www.comodo.com/secure-dns/switch/windows_vista.html
8.26.56.26
8.20.247.2---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Then there is also this program I wrote that 2 makers of custom hosts file data are hosting for me (hpHosts/malwarebytes + hostsfile.org/securemecca.com):
You simply extract its files to ANY folder you like (usually one you create for it, doesn't matter where, but you MUST run it as administrator (simple & the "read me" tab shows how easy THAT is to do):
What's it do for you?
It's a custom hosts file mgt. program that does the following for end users (Calling it "APK Hosts File Engine 5.0++")
---
1.) Offers massively noticeable increased speed for websurfing via blocking adbanners
2.) Offers increased speed for users fav. sites by hardcoding them into the hosts file for faster IP address-to-host/domain name resolutions (which sites RARELY change their hosting providers, e.g.-> of 250 I do, only 6 have changed since 2006 - & when sites do because they found a less costly hosting provider? Then, they either email notify members, put up warnings on their pages, & do IP warnings & redirectors onto the former IP address range to protect vs. the unscrupulous criminal bidding on that range to buy it to steal from users of say, online banking or shopping sites).
3.) Better "Layered-Security"/"Defense-In-Depth" via blocking host-domain based attacks by KNOWN bad sites-servers that are known to do so (which IS, by far, the majority of what's used by both users (hence the existence of the faulty but for most part working DNS system), AND even by malwa
-
Re:Assuming you're not just "trolling" (u are)?
1.) DNS has issues, for starters: Would you like a list of problems it's seen over time? Just ask. See below also...
---
2.) You're also adding on "weight" of extra programs that the hosts file can do the SAME JOB FOR, for less!
Especially for a home setup using a single system only.
Since hosts files are simply a filter for the ring 0/rpl 0/kernelmode Pnp designed (Windows &/or MacOS X) IP stack based on the best there is in BSD ones (most all OS are here)? They are less layered on b.s. & thus, are more efficient.
I.E.-> The IP stack, as well as the ring of privelege/CPU opertions it runs from? It is as fast & efficient as it gets, vs.:
A.) Loading on more programs like a local DNS server, especially in recursive mode!
(Potential DNS poisoning/redirect problems & can be done in SECONDS over the 51/53 port series iirc)
B.) Doing so results in eating up more CPU cycles, RAM, & other forms of I/O needlessly & illogically... as well as electric power too.
---
HOWEVER:
I can see using a DNS server, IF you have an Active Directory OR have to manage 100's to 1,000's of servers, but not for a single PC @ home!
(Mainly due to what I wrote above regarding electrical power usage, since programs do NOT "run for free", as well as CPU, RAM, & other forms of I/O)...
Still - To each his own on that account... there's logical ways of doing things, & illogical wasteful ways too.
---
DNS issues? It's even being noted in security forums today @ SOPHOS, here:
Regarding Anonymous making threats to "take down" the root 13 DNS servers!
Yes - it is a possible, but unlikely, possibility of happening!
However, DNS poisoning & redirects, especially to recursive setups of DNS, and odds are you HAD to do that on yours most likely too?
No mere possibility of problems...(Again - want evidences of that? Ask!)
APK
P.S.=> Of course, IF you need DNS services (and we all do, even hosts file users) and you are a single system user especially?
These are excellent options:
Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:
Norton DNS -> http://nortondns.com/
ScrubIT DNS -> http://www.scrubit.com/
OpenDNS -> http://www.opendns.com/(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)
That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!
(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)
ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!
( & it's possible to use ALL THREE in your hardware NAT
-
Re:And people ask me why I don't use Chrome
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ [nortondns.com] & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz [norton.com] as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do [norton.com]
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ [scrubit.com] & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq [scrubit.com]
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free [opendns.com]
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH [bing.com]
... apk -
Good DNSBL filtering DNS servers 4 security
That actually use "DNSBL filtered 'secured'" DNS servers for the purposes of security online:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> DNS has issues though, period - it needs SOMEKIND of "Revision" for IPv4 @ least: Especially if DNS servers are set into "recursive mode", as I am SURE YOU OF ALL PEOPLE REALIZE! DNS's VERY susceptible to DNS redirection poisoning (over port 53 via UDP/TCP, iirc)...
HOWEVER?
DNS' better than trying to say, lol, hardcode in EVERY hosts-domain to IP address possible in a custom HOSTS file for example (keeping up with the changes would be the problem as far as "hardcoding in" the equation records). HOSTS are better used for doing a small group of "favorites" (sort of a 'little black book' of girls' phone #'s basically instead of looking through the ENTIRE phonebook each time etc.) &/or BLOCKING OUT known malicious sites/servers/hosts-domains + adbanners (for speed & yes, even security, because banner ads have had their share of malicious script code in them also over time as well).
The way that I use them in layered/phalanx style defensive formation noted above helps for security, bigtime & especially by using ALL of them in "layered-security"/"defense-in-depth" style I noted above in BOTH hardware &/or software setups of the IP stack + router level security... in combination simultaneously, along with other means (like I use in a custom HOSTS file, + AdBlock/NoScript/IE9 TPL's, Opera urlfilter.ini, IE restricted zones, etc., vs. online threats mostly))
... apk
-
Me too (but 4 DIFF. reasons)... apk
I already had it blocked out in my custom HOSTS file (along with 1,656,592++ other KNOWN bad sites/servers/hosts-domains that serve up malicious scripts &/or malware etc.- et al).
That's the security-side of it... the other side's FASTER online websurfing (blocking adbanners & resolving hosts-domains to IP addresses of 250 of my fav. sites in it as well, which results in FAR faster resolves than calling out to a remote DNS server (which may even be compromised via redirect DNS poisoning that's been going on the past few years now)).
Between a custom HOSTS file, & using "filtering" DNS servers (that specialize in blocking out malicious script & malware serving domains + phishing/spamming ones)? I am safer, by far, than most folks are online, & FASTER too!
---
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary)!
(I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> Simplest principle there is, of "I can't get burned when I can't go into the malware fire", so-to-speak (and IF I were to somehow be infected? The custom HOSTS file acts as a "1 way valve" in yet ANOTHER way - the malware/exploit cannot "talk back to mama" (it's C&C server if any) either - BONUS!)...
LASTLY, & to "security-harden" my system even further, I do what's noted in these links (utilizing the principles of "layered-security"/"defense-in-depth"):
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&qs=ns&form=QBLH
... apk
-
How's DNSBL going to "harm security"?
Explain how DNSBL adversely affects SECURITY specifically someone, please (per this quote from the article here today):
"the method of DNS filtering proposed to block supposed infringing sites opens up enormous security holes that threaten the stability of the internet itself"
Because I have seen DNSBL's be used to AID SECURITY, ala:
---
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
C.) Open DNS (208.67.222.222 or 208.67.220.220) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
I.E./E.G.-> I use ALL 3 of them (mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary) - I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (software-side), as well as in my LinkSys/CISCO router here (hardware-side)...
* Which are ALL/EACH examples of "filtering" DNS that use DNSBL's FOR THE GOOD of others online (to block out KNOWN BAD SITES/SERVERS ONLINE!).
APK
P.S.=> Now, some b.s. artist MAY mean that DNSBL's (DNS Block Lists) "harm":
1.) Illegal file sharers' "freedoms" (freedoms to STEAL is about it), but that's NOT about security being harmed @ all, whatsoever...
2.) Nor is it harming "freedom of speech" if DNSBL's are kept strictly to blocking out known bad sites/servers that serve up malicious scripted exploits, malwares, & the like (and YES, illegally shared files along with child pornography & the like etc./et al)...
... apk/b
-
Animats what about this/these option(s)?
Options for "DNSBL filtered 'secured'" DNS servers:
A.) Norton DNS (198.153.192.50 and 198.153.194.50/198.153.192.40 and 198.153.194.40/198.153.192.60 and 198.153.194.60) -> http://nortondns.com/ & you can even see how it updates every few minutes vs. known malicious sites-servers, here -> http://safeweb.norton.com/buzz as well as get a GOOD read on how/why it works, etc.- et al, here https://dns.norton.com/dnsweb/faq.do
It filters vs. MANY threats online & IS UP TO DATE as is possible I'd imaging (see those links, you'll understand WHY I state that). It's part of WHY I use it as my PRIMARY DNS here...
---
B.) ScrubIT DNS (67.138.54.100 and 207.225.209.66 ) -> http://www.scrubit.com/ & here is a good read on how/why it works via its FAQ's as well -> http://www.scrubit.com/index.cfm?page=faq
---
& of course
C.) Open DNS (208.67.222.222 or 67.138.54.100) -> https://store.opendns.com/get/home-free
---
EACH IS FREE, & WORKS vs. threats online of MANY kinds, doubtless via a form of DNSBL they use for filtering those threats out!
(E.G.-> Phishing/Spamming, Malware hosting sites/servers, Maliciously scripted hosts-domains etc./et al & more...)
* Personally speaking - I use ALL 3 of them, "in combination". Yes, I am using that latter term loosely is why I quoted it!
(Mostly as "failovers" for one another, in case my primary can't resolve a host/domain name to an IP address, & w/ Norton DNS as primary, I can "fall back on" the others listed above...)
I do so, in a "layered triumvirate formation" in BOTH my IP stack DNS settings in Windows (OS/software-side), as well as in my LinkSys/CISCO router here (hardware-side))...
APK
P.S.=> DNS has issues though, period - it needs SOMEKIND of "Revision" for IPv4 @ least...
See - I don't know if Moxie Marlinspike's DNS solution for SSL protection via a browser addon's the answer either, ala http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22DNS%22+and+%22Moxie+Marlinspike%22&btnG=Search&gbv=1&sei=zwPhTs2wOMrL0QGTs-StBw
OR
If OpenDNS' tool here is either!
However: They're better than nothing!
(It's that, or use the "secured DNS" (filtered rather via DNSBL) that I use, & the way that I use them in layered/phalanx style defensive formation noted above, if not ALL of them in "layered-security"/"defense-in-depth" style... in combination simultaneously, along with other means (like I use in a custom HOSTS file vs. online threats mostly))!
(Especially if DNS servers are set into "recursive mode", as I am SURE YOU OF ALL PEOPLE REALIZE, that DNS's VERY susceptible to DNS redirection poisoning (over port 53 via UDP/TCP, iirc)...
So - lastly:
Yes, I also know who you are Mr. Nagle, especially via your RFC I complimented you on this past week here no less on -> http://tech.slashdot.org/comments.pl?sid=2556266&cid=38265686 )!
Yes - I respect that in fact.
I.E.-> Not everyone, especially on
/. here, does something to "help the human condition" via good works as you have.... apk
-
Norton DNS/Open DNS/ScrubIT DNS
Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:
Norton DNS -> http://nortondns.com/
ScrubIT DNS -> http://www.scrubit.com/
OpenDNS -> http://www.opendns.com/(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)
HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")
HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!
(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)
ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!
( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...
STILL, DNS HAS PROBLEMS... MANY PROBLEMS OVER TIME & EVEN RECENTLY BEYOND THAT OF THIS ARTICLES' POINTS:
---
BIND vs. what the Chinese are doing to DNS lately? See here:
http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
---
SECUNIA HIT BY DNS REDIRECTION HACK THIS WEEK:
http://www.theregister.co.uk/2010/11/26/secunia_back_from_dns_hack/
(Yes, even "security pros" are helpless vs. DNS problems in code bugs OR redirect DNS poisoning issues, & they can only try to "set the DNS record straight" & then, they still have to wait for corrected DNS info. to propogate across all subordinate DNS servers too - lagtime in which folks DO get "abused" in mind you!)
---
DNS vs. the "Kaminsky DNS flaw", here (and even MORE problems in DNS than just that):
http://www.scmagazineus.com/new-bind-9-dns-flaw-is-worse-than-kaminskys/article/140872/
(Seems others are saying that some NEW "Bind9 flaw" is worse than the Kaminsky flaw ALONE, up there, mind you... probably corrected (hopefully), but it shows yet again, DNS hassles (DNS redirect/DNS poisoning) being exploited!)
---
Moxie Marlinspike's found others (0 hack) as well...
Nope... "layered security" truly IS the "way to go" - hacker/cracker types know it, & they do NOT want the rest of us knowing it too!...
(So until DNSSEC takes "widespread adoption"? HOSTS are your answer vs. such types of attack
-
Protective methods vs. ZITMO (& others like it
Which is a ZEUS botnet variant, albeit for "smartphones" (specifically ANDROID iirc):
http://www.google.com/search?hl=en&source=hp&q=ZITMO&btnG=Google+Search
SO, how to do THAT?
Well, use a custom HOSTS file on ANDROID
(Albeit, a modified one, filled with entries blocking out known bad sites/servers/hosts-domains that serve up malware like this, + their botnet C&C servers too):
ANDROID phones can also use the HOSTS FILE TO KEEP DOWN BILLABLE TIME ONLINE, vs. adbanners or malware such as this:
---
Infected Androids Run Up Big Texting Bills:
http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills
---
It's easily done too, via the ADB dev. tool (Android Debug Bridge):
---
1.) Mount ANDROID OS' system mountpoint for system/etc as READ + WRITE/ADMIN-ROOT PERMISSIONS
2.) Copy over your new custom HOSTS over the old one using ADB PULL/ADB PUSH to do so
(Otherwise ANDROID complains of "this file cannot be overwritten on production models of this Operating System", or something very along those lines - this way gets you around that annoyance along with you possibly having to clear some space there yourself if you packed it with things!).
---
* DONE, & "easy as apple pie"...
APK
P.S.=> And, IF POSSIBLE? Also, alter your DNS servers to DNSBL filtering ones!
E.G.-> These 3 are really good vs. malware + phishing exploiters online:
Some DNS servers are "really good stuff" vs. phishing, known bad sites/servers/hosts-domains that serve up malware-in-general & malicious scripting, botnet C&C servers, & more, such as:
Norton DNS -> http://nortondns.com/
ScrubIT DNS -> http://www.scrubit.com/
OpenDNS -> http://www.opendns.com/(Norton DNS in particular, is exclusively for blocking out malware, for those of you that are security-conscious. ScrubIT filters pr0n material too, but does the same, & OpenDNS does phishing protection. Each page lists how & why they work, & why they do so. Norton DNS can even show you its exceptions lists, plus user reviews & removal procedures requests, AND growth stats (every 1/2 hour or so) here -> http://safeweb.norton.com/buzz so, that ought to "take care of the naysayers" on removal requests, &/or methods used plus updates frequency etc./et al...)
HOWEVER - There's ONLY 1 WEAKNESS TO ANY network defense, including HOSTS files (vs. host-domain name based threats) & firewalls (hardware router type OR software type, vs. IP address based threats): Human beings, & they not being 'disciplined' about the indiscriminate usage of javascript (the main "harbinger of doom" out there today online), OR, what they download for example... & there is NOTHING I can do about that! (Per Dr. Manhattan of "The Watchmen", ala -> "I can change almost anything, but I can't change human nature")
HOWEVER AGAIN - That's where NORTON DNS, OpenDNS, &/or ScrubIT DNS help!
(Especially for noob/grandma level users who are unaware of how to secure themselves in fact, per a guide like mine noted above that uses "layered-security" principles!)
ScrubIT DNS, &/or OpenDNS are others alongside Norton DNS (adding on phishing protection too) as well!
( & it's possible to use ALL THREE in your hardware NAT routers, and, in your Local Area Connection DNS properties in Windows, for again, "Layered Security" too)...
HOWEVER:
This I have NOT tried on ANDROID, as I have with HOSTS files, but since it's doabl
-
DNSBL, if implemented vs. malware such as
Norton DNS does http://nortondns.com/ can be a GREAT thing to help stall, or even stop, the malware problem online.
They filter on "malware-in-general" such as KNOWN bad sites/servers/hosts-domains, botnet C&C servers, & even bogus DNS servers by default (and their updates every few minutes for continuously updated protection are here http://safeweb.norton.com/buzz with site-checkers & even a removal appeals process etc./et al... IF a site does "clean up its act" etc. )
Another decent set of these are:
---
ScrubIT DNS -> http://www.scrubit.com/
&
Open DNS -> https://store.opendns.com/get/basic (with built in phishing protection even in the FREE basic model)
---
I use all 3 @ once in my NAT stateful packet inspecting Linksys/CISCO router + my IP stack setup for my Local Area Connection here... in layered security fashion!
* Each as a write up on how they work, why they help, & more... enjoy!
APK
P.S.=> Between the layering of Filtering DNSBL utilizing DNS servers listed above, because I use them ALL in "layered-security fashion" in both my routers & IP stack setup here in Windows, in combination with:
---
1.) A custom HOSTS file ( currently with 1,494,865++ entries of known bad sites/servers/hosts-domains, botnet C&C servers, & even rogue DNS servers blocked in it currently & growing "automagically" from 17 reputable & reliable sources for that type of data for HOSTS as well as DNSBL lists here from a Python script that does so for me),
and
2.) IP addressed threats inserted into my router & software firewalls
3.) And lastly, system security-hardening, in depth -> http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
---
?
I haven't caught a "malware of any kind" infection/infestation since, oh, around 1996 or so in fact!
"Layered security", the best thing we have going currently, really WORKS!
... apk
-
U sound like a hacker-cracker/malware maker
Teun: That's "arguments" they'd use (or a pedophile FREAK would also)... but, on that note:
See subject-line, & this -> http://nortondns.com/ It's got a very easy to navigate page, and on it, it has good detailed explanations that aren't "too technical for the avg. joe" either!
* ENJOY!
---
"I can see you are a Norton troll." - by Teun (17872) on Sunday July 10, @03:06AM (#36709544) Homepage
No, per my subject-line? I just tell it how it is, & the truth!
In fact, I wrote the MOST viewed security guide & most highly rated ones there are, since 1998 online:
Fact is, unlike most of you trolls around here TRY to imply?
I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))---
Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I
-
Read Norton DNS' page (has good details)
See subject-line, & this -> http://nortondns.com/ It's got a very easy to navigate page, and on it, it has good detailed explanations that aren't "too technical for the avg. joe" either!
* ENJOY!
APK
P.S.=>
"I wasn't real happy with OpenDNS - why would Norton do a better job of "filtering" than OpenDNS did?" - by Runaway1956 (1322357) on Sunday July 10, @03:39AM (#36709658) Homepage
Norton DNS took the place of OpenDNS &/or ScrubIT as my "primary DNS" in fact, due to their use of DNSBL vs. malware exclusively! See their page... explains it ALL!
Plus - They're more "AutoMagic" than OpenDNS' optional filtering is, & no scripting required to use it (just change the DNS settings in your Network Connection in the OS & in your routers TOO if you're smart also)...
HOWEVER - I still use OpenDNS, and ScrubIT DNS as secondary sources though (backups, because you can do that in routers AND in your Windows network connections easily, by IP address (so there is "no fooling it" via bogus man in the middle attacks))
... apk
-
DNSBL's can be "4 the GOOD"
PRIME example thereof? Ok: Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
* The "noobz" others in other posts here described won't know how to work around these things, & thus, they are protected BY DEFAULT!
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Yes, there ARE relatively easy ways to "get around/past" DNSBL, but, the point is this:
Most of these "noobz" you're describing won't know them, & it can protect them from being victimized by botnets + their C&C Servers, bognus DNS servers, maliciously coded sites, known bad sites/servers/hosts-domains that serve up malwares that steal folks information & monies too...
Additionally, yes:
DNSBL's can even function to help BIG BUSINESS/The Wealthy too, as well as the "little guy/Joe Public" online!
(Because we are ALL 'consumers of the internet' big business included, & they also get abused by these things as well).
Boggles my MIND that ISP/BSP's worldwide haven't implemented DNSBL's the way Norton DNS does & why - to help stop the "malware plague" in essence, which we're ALL POSSIBLE VICTIMS OF!
... apk -
Good they "don't get it" & why
Because a VALID DNSBL can HELP them! How so? Look no further: Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
These "noobz" you describe won't know how to work around these things, & thus, they are protected BY DEFAULT!
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Yes, there ARE relatively easy ways to "get around/past" DNSBL, but the point is, that most of these "noobz" you're describing won't know them, & it can protect them from being victimized by botnets + their C&C Servers, bognus DNS servers, maliciously coded sites, known bad sites/servers/hosts-domains that serve up malwares that steal folks information & monies too...
AND, yes, DNSBL's can even function to help BIG BUSINESS/The Wealthy too, as well as the "little guy/Joe Public" online!
(Because we are ALL 'consumers of the internet' big business included, & they also get abused by these things as well).
Boggles my MIND that ISP/BSP's worldwide haven't implemented DNSBL's the way Norton DNS does & why - to help stop the "malware plague" in essence, which we're ALL POSSIBLE VICTIMS OF!
... apk
-
Yes, DNSBL's can be "circumvented" but...
They can still do a LOT OF GOOD, for the majority of "less technical users" online & save them from a lot of hassles. Sure, you CAN get around DNSBL by:
---
1.) Hardcoded IP addresses put into a browser address bar
2.) HOSTS file host-domain name to IP address entries
3.) Using a DNS that doesn't institute DNSBL's vs. anything
(Be it porn, illegal filesharing, or malware/botnets (though this boggles my mind anyone would be INTO being infested by this, almost as much as pedophile freaks do actually (who I think should be hung by their balls & shot at with notched bullets)).
---
Yes, & other methods too...
* However: The point is, that these kinds of lists can save those who are NOT aware of those methods, & keep them safe(r) than they are with DNS from ISP/BSP's not doing it @ all!
(In fact, in another post in this very exchange, I state how it "boggles my mind" more VALID & protective DNSBL's aren't put into place worldwide @ the DNS level for all ISP/BSP's out there & why I think it'd work "FOR THE GENERAL GOOD" -> http://yro.slashdot.org/comments.pl?sid=2311948&cid=36708742 )
APK
P.S.=> In fact, I'd almost wager that doing what Norton DNS does http://nortondns.com/ would help many a problem that's internet caused/based for EVERYONE that uses it, from "Joe Public avg. user" to "big business" too (If filters vs. malware, maliciously scripted sites, known bogus DNS servers, + botnet C&C servers etc. were put into place worldwide vs. them).
I actually THINK it would cut the # of online problem caused by these things by up to 90% easily...
... apk
-
There are (for HOSTS files @ least) vs.
Known maliciously scripted sites/servers/hosts-domains & they DO have removal lists & ways to check on that too on many of them as well, vs. their databases (to see if any you are blocking should be removed). For example, I know of 17 reputable & reliable ones I use, & haul down on average 300++ sites per day to fortify my HOSTS file, & software firewall rules table with, every day (both in the forms of host-domain names & IP Addresses).
In fact - I am blatantly ASTOUNDED this has not taken place worldwide @ the DNS level, via DNSBL's being put into place to protect "Joe Public avg. internet non-geek user" from blundering into sites that ruin their systems, make them slaves of botnets, & steal their information + monies!
All I have seen, other than this child porn one out of "the land down under" (which I DO AGREE WITH, let kids be kids, & don't victimize them - life will do that on its own as it does to all of us to one degree or another eventually)?
Filters protecting "big business only"... that's bullshit to be blunt about it.
(& I've stated this here many times the past few weeks now on posts regarding the MPAA/RIAA & even this filter (this one I agree with though, by all means, though vs. child pornography (disgusting, and WRONG!!!)))
* Especially if these filters are being paid for by tax-payer monies, from ANY government putting them into place... that makes "Joe Public" the owner, not gov't. agencies or "big business only" (who face it, runs the show out there & always has when you come right down to it (the wealthy of the planet in other words)).
However, the thing is? Even the wealthy & BIG BUSINESS would benefit by it as well, since business & gov't. DO get "victimized" by malware makers + botnet masters as well!
The same types of lists also exist for DNSBL (DNS block lists) & a great one to use vs. the types noted above?
Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Thing is, I've thought about it, as to WHY THIS ISN'T BEING INSTITUTED WORLD-WIDE @ THE ISP/BSP DNS LEVEL (like Norton DNS does, filtering vs. malware & bogusly scripted sites + bogus DNS servers, as well as botnet C&C Servers too):
About the ONLY thing I can come up with as to WHY this has not been instituted @ the ISP/BSP DNS level, is this:
"It might put PC techies out of a job!"
Well, that's crap: They have PLENTY of other tasks to do during the day (even though it can be up to 85% of their day, I know, I was one in between coding & networking jobs, working for ISP's & such, & much of it was fighting off malwares).
It's like saying:
"Yes, we CAN 'cure cancer', or drive it away to almost nothing... but, that'd put doctors out of a job!"
Again, crap - because doctors, like PC-Techs, have many other "maladies to deal with" during a day's work!
... apk
-
To "en masse" STALL out malwares-in-general?
Things like Norton DNS http://nortondns.com/ can help (they actively implement a constantly updated -> http://safeweb.norton.com/buzz via a DNSBL (DNS Block List) vs. malware threats their distributed antivirus/antispyware systems detect worldwide).
In fact?
I did a post on this the other day here, in my wondering WHY DNSBL vs. malware-in-general is NOT being implemented by ISP/BSP's worldwide in fact:
http://yro.slashdot.org/comments.pl?sid=2295168&cid=36657332
(For the purposes of STALLING OUT malwares-in-general infestations/infections possible vectors of known bad sites/servers/hosts-domains (even bogus DNS servers + botnet C&C servers too)).
* Doing THAT? It would 'cut down' on a good 90% of infestations/infections for 90% of folks that don't know HOW to get around it in the 1st place (hardcoded IP addresses OR HOSTS file circumventions being a couple easy ones), & thus?
PROTECTING THEM FROM INFESTATION/INFECTIONS by rootkits/botnets/virus/spyware/trojans/keyloggers/malware-in-general... & even bogus DNS servers + botnet C&C Servers as well!
APK
P.S.=> Now, in closing/bottom-line/above ALL else:
WHY a DNSBL worldwide has NOT been implemented worldwide @ ISP/BSP levels, "boggles my mind" but...
I do also go into WHY I think it's not being done in the link above too...
(I.E.-> Yes, it can affect PC Techies' jobs - STUPID!!!)
It's like saying "Yes, we can cure cancer or cut it down to almost nothing, but it would put doctors out of a job!"
SO, that "all said & aside"?
Well - what's the lesser of 2 evils?
PUTTING DOCTORS OUT OF THAT PORTION OF THEIR JOBS, by far!
(Because like PC techs? They have myriads of other tasks during the day/week/month/year to tackle, maladies-wise...))
... apk
-
On "en masse" stalls of malware-in-general?
Things like Norton DNS http://nortondns.com/ can help (they actively implement a constantly updated -> http://safeweb.norton.com/buzz via a DNSBL (DNS Block List) vs. malware threats their distributed antivirus/antispyware systems detect worldwide).
In fact?
I did a post on this the other day here, in my wondering WHY DNSBL vs. malware-in-general is NOT being implemented by ISP/BSP's worldwide in fact:
http://yro.slashdot.org/comments.pl?sid=2295168&cid=36657332
(For the purposes of STALLING OUT malwares-in-general infestations/infections possible vectors of known bad sites/servers/hosts-domains (even bogus DNS servers + botnet C&C servers too)).
* Doing THAT? It would 'cut down' on a good 90% of infestations/infections for 90% of folks that don't know HOW to get around it in the 1st place (hardcoded IP addresses OR HOSTS file circumventions being a couple easy ones), & thus?
PROTECTING THEM FROM INFESTATION/INFECTIONS by rootkits/botnets/virus/spyware/trojans/keyloggers/malware-in-general... & even bogus DNS servers + botnet C&C Servers as well!
APK
P.S.=> Now, in closing/bottom-line/above ALL else:
WHY a DNSBL worldwide has NOT been implemented worldwide @ ISP/BSP levels, "boggles my mind" but...
I do also go into WHY I think it's not being done in the link above too...
(I.E.-> Yes, it can affect PC Techies' jobs - STUPID!!!)
It's like saying "Yes, we can cure cancer or cut it down to almost nothing, but it would put doctors out of a job!"
SO, that "all said & aside"?
Well - what's the lesser of 2 evils?
PUTTING DOCTORS OUT OF THAT PORTION OF THEIR JOBS, by far!
(Because like PC techs? They have myriads of other tasks during the day/week/month/year to tackle, maladies-wise...))
... apk
-
Why not filtering vs. botnets/malware also?
At the ISP/BSP level. Yes, this is entirely doable (and will stop most folks from "blundering into" those places) via DNSBL (for starters).
* I don't understand why that's never been undertaken "en masse"...
I know that it IS doable, & yes, being done!
E.G. -> Norton DNS does it in fact (see link below next):
(In fact, because it does filtering vs. known threats online, I would suggest using it IF you don't like being infested by botnets &/or malware. I use it, it helps, & by ALL means + right at the DNS level in fact!)
I combine it with:
---
1.) System security-hardening:
http://www.google.com/search?hl=en&source=hp&q=HOW+TO+Secure+Windows+2000%2FXP&btnG=Google+Search
2.) Firewall rules tables (for blocking IP address based attackers)
3.) A custom HOSTS file that currently blocks 1,457,748++ KNOWN bad sites/servers/hosts-domains currently as of 15 minutes ago from 15 reputable sources online ( & growing all the time via an automated system here I co-designed with my nephew, hence the incrementor C/C++ operator)
4.) Std. stuff too, or it should be @ least nowadays, in AntiVirus/AntiMalware resident programs!
(Microsoft Security Essentials is what I use in this capacity, because it does BOTH virus/spyware protection, AND, it's FREE (bonus), & works + is VERY regularly updated (like 4-5x a day or more)).
All that, & for implementing "layered security" (the best thing we have going currently vs. online threats afaik!)
---
(So - Yes: The data for that IS out there, you just have to use it - not usually "automated" though: Still, the "geek community online" seems to take care of its own, IF you look for it, that is...)
Hey - I found it & IF I can? So can others, especially those working in security efforts for populating DNSBL block lists @ the ISP/BSP level...
(Again, I do so, via a PyThon system my nephew & I co-wrote (write once, run anywhere is why, moved from a Delphi model I wrote myself & used 2004-2010)) so it's as "automagic" & transparent/hands-off touchfree operations pretty much).
Hey - that type of code, it's not "rocket-science"!
(Like any code, it just takes a bit of time to think it out, & build an automator for that type of work is all reallyl, & efforts in doing file access + wget type work (*NIX scripting, & yes, I've seen scripts that could be adapted to do it as I do via PyThon currently as I do)).
DNSBL filters? Again, stressing it - They & data FOR they IS out there too ( & converting data I use for a HOSTS file isn't tough either for that purpose... or, vice-a-versa really!)
So, IF I CAN DO IT, just a single person?? Why can't these ISP/BSP's do it via DNSBL as I noted, & for the "common man/Joe Public" also???
(I mean, face it - MOST of the time? Filtering online's done to STOMP the little guy, & done in the name of big industries or gov't.'s trying to suppress "dissidents" instead... @ least that's what I've been seeing - how about you?)
Thoughts?
APK
P.S.=> The "downside"? It'd probably affect a LOT of IT jobs in say, removal of malware/virus/spyware/botnet infestations... but, so what!
There's always other things we geeks do during the day (though while working those jobs, a good 85% of your day was battling those)... not doing it? It's like saying:
"Yes, we CAN cure cancer - but, it would put a lot of doctors out of work"
Take your pick there - & on which is the lesser of 2 evils?
Hey - Putting doctors out of work imo, but again, they TOO have other maladies to deal with (so they would STILL HAVE WORK, period - same with PC techies too!)
... apk
-
Explain & define that "nope" reply please
"Nope." - by Anonymous Coward on Friday June 24, @08:45AM (#36553816)
Do so on "techincal computing grounds" (for lack of a better expression/turn of a phrase on my part here)...
Not just some silly vendetta or just for trolling - what a stupid word for harassment attempts!
No, don't just "downmod & run", like some people do here:
E.G.-> countertrolling & how he downmoderates posts by not being logged in as his "registered 'LUSER'" account here -> http://slashdot.org/comments.pl?sid=2245866&cid=36491652 as an "example thereof" - that entire bunch in tomhudson, gmhowell, jeremiah cornelius, webmistressrachel, & a few others (sock puppets mostly) are NOTORIOUS for it.
* Thank you...
---
Oh, & by the by/lastly/in-closing:
NortonDNS does do filtering vs. known purveyors of malware via DNSBL site filtering, and vs. botnet C&C servers (& other forms of servers they use also) - See here -> http://nortondns.com/
Sooo... see my subject-line above!
APK
P.S.=> Hey - IF the "best you have" is blowing your mod points on downmoderating a post designed to help others?
You've proved I may be correct that only a malware-maker/botnet master would be interested in suppressing it really, who else would?
Besides: Others here will see it regardless & that's my end-game/goal (in spreading this type of good info. here anyhow)
... apk