Slashdot Mirror
Domain: stopbadware.org
Stories and comments across the archive that link to stopbadware.org.
Comments · 74
-
Re:So why should Google know...
Firefox and IE know as well unless you turned it off. https://www.stopbadware.org/fi...
-
Re:Sourceforge
That sounds incredibly shady - I'm glad I saw your warning in time. Maybe if enough people report them to stopbadware.org they can be recognized as an attack site and blocked in browsers until they clean up/shut down completely.
-
Agreed, 110% (& you're not alone)... apk
"I get exactly the same effect with my Hosts file" - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)
Excellent - You get better:
1.) Speed/Bandwidth
2.) "Layered-Security"/"Defense-In-Depth"
3.) Reliability (vs. downed or dns-poisoned redirected dns servers)
4.) Anonymity (to an extent, vs. DNS request logs + DNSBL)
5.) MULTI-PLATFORM ability to do the same (think smartphones, you can apply hosts there too)
6.) MORE EFFICIENT OPERATIONS (ring 0/rpl 0/kernelmode filtering @ THE IP STACK LEVEL, vs. ring 3/rpl 3/usermode layered on MORE INEFFICIENCY in browser addons)
7.) The ability to SHIELD OTHER APPLICATIONS from ads & threats (I used to do this using hosts for Opera before it was freewares, & Ubuntu users can do the same now (since part of it's adbanner sponsored now)& FAR MORE... good choice on YOUR part, but... there's more you can do with hosts than merely adblocking (read on)!
---
"and for those that don't understand how they work, it's pretty god damn simple." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)
They are, & SIMPLER than editing adblock lists, that is certain... hosts are just a text file with line records you can add/remove/alter etc. as you wish with tools you already own in text editors, but also for more?
Well, you can use the app I wrote that I posted about earlier... there's a reason I am noting this, since you are NOT USING custom hosts files TO THEIR FULL POTENTIAL!
Seriously...
(The app handles filtering them vs. comments & other bloating crap hosts files makers put in (they mean well, it's usually documentation, except MVPS which puts WAY TOO MUCH B.S. in theirs), importing hosts data from reputable & reliable sources, deduplication of hosts repeat bloating entries + making the hosts use a MORE EFFICIENT parse by using smaller blocking addresses (0.0.0.0 vs. 127.0.0.1)... & more!
---
"I never make the connection to the god damn server - no ad/malware or other crap to see. " - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)
"EXACTAMUNDO" & that?
That also EXTENDS TO MALWARE LADEN SITES/SERVERS/HOSTS-DOMAINS as well as adbanners!
So - that's where you aren't using hosts to their FULL potential here (as well as the fact you can "hardcode in" your FAVORITE SITES into it, making them resolve even FASTER than remote DNS can do!)
My "APK Hosts File Engine 5.0++" does all that for you, & "automagically" IF YOU WISH (it has the option to run automatically)...
If you opt NOT to use my app? Here's the sources I import from for your reference:
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)---
"As to updating the damn thing every week? I don't do that." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)
Well, per what I wrote above? Vs. mal
-
Thanks Animats... apk
That's a good source of data for my custom hosts file!
I don't block Google from that list though (see my ps below).
Google used to have a site called "StopBadWare" http://stopbadware.org/ that used to list stuff for blocking (phishing/spam/malware serving/maliciously scripted KNOWN bad sites/servers/hosts-domains), but doesn't list them anymore like they used to (they only provide a searchable database for checking if a site's bad now), listing daily which sites are such.
APK
P.S.=> I left google.com unblocked though, for what I think are fairly obvious reasons (in that I use it a LOT)... apk
-
THIS is how (a better way)
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
2.) Adblock blocks ads in only 1-2 browser family, but not all (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
-
Re:Web Forgery
PayPal is partnered with StopBadware...
-
My HOSTS updates "automagically" every 15 min.
Via a PyThon script, that does the following:
---
1.) Removes duplicates/normalizing the HOSTS file
2.) Alphabetizes it
3.) Changes the larger & slower 127.0.0.1 loopback adapter std. address MOST hosts files use typically, opting for the smaller & FASTER read in (and with no loopback, pure "blackholing" only) 0.0.0.0 address!
4.) It also removes any # comments that bloat hosts, along with "trailing nulls or blanks" many have that additionally bloat the HOSTS file.
---
Once she's read up into the DNS client cache (must turn this off for large ones like mine, currently @ 1,017,970++ entries strong), OR, into the local DISKCACHE (since it's just a filtering file for the IP Stack)?
She's fast as nobody's business!
APK
P.S.=> That's how I do it, & all that, & from these reputable & reliable sources for HOSTS file data vs. adbanners &/or KNOWN bad sites/servers/hosts-domain names:
http://www.malwaredomains.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN
bad servers blocked):http://www.safer-networking.org/en/download/index.html
& it works... even many slashdotters use them, by the by, & my list of 20++ points in favor of HOSTS files quotes their results as well (for some "peer evidences" from the likes of your fellow posters on this website in fact, in addition to myself).
... apk
-
There's MANY valid sources you can use
http://www.malwaredomains.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://hosts-file.net/?s=Download
http://www.malware.com.br/lists.shtml
http://someonewhocares.org/hosts/
http://www.mvps.org/winhelp2002/hosts.htm
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN
bad servers blocked)http://www.safer-networking.org/en/download/index.html
---
"You ARE a spamming nutbag" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage
Oh, really? Do you have your:
---
1.) A PHD in Psychiatry to your name/credit?
2.) A license to practice it professionally??
3.) Years-to-Decades of professional experience in the field of psychiatry???
4.) A formal examination of myself in a professional environs to make your "instant snap prognosis" of my alleged mental state according to you, the "/. SiDeWaLk PsYcHo-AnALySt"????
---
No to ALL/EACH of the above????? So much for THAT "ad hominem" effete attempt on your part directed MY way then, eh??????
I.E.-> You personally just don't have the credentials to make your assessments in calling me a nutbag, period. In fact, you're libelling me in doing so... don't you KNOW that?????? There's LAWS against it you fool!
Instead - Why don't you attempt to attack the 20 points in favor of HOSTS files I put out??????
---
Oh, that's right - YOU ALSO SAID THIS:
"although you're right about hosts files" - by drinkypoo (153816) on Thursday May 26, @01:21PM (#36252958) Homepage
That's right I am RIGHT... always am!
APK
P.S.=> Take your pick... I just happen to consolidate them ALL, into 1 file here (via a PyThon script engine that does so every 15 minutes, removing duplicates/normalizing it, and alphabetically sorting them also, & changing the larger + slower 127.0.0.1 loopback address (slower due to loopback ops) to the faster & smaller + most compatible 0.0.0.0 blackhole address instead)... apk
-
HOSTS files are superior to AdBlock &/or DNS a
This one's JUST FOR YOU, clone (disprove every single one of its points, as
---
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/ -
Thanks 4 answer: I asked the question... apk
""IP Reputation" systems are basically a step beyond DNSBLs (which only consider things as white vs black). There is a decent explanation in Wikipedia's Sender's IP verification section of their E-mail authentication article" - by Khopesh (112447) on Saturday December 18, @01:54PM (#34601326) Homepage
Thanks - that's to BOTH yourself, and SuricouRavenn, who also replied here in regards to "IP Reputation" & what it is (I have a message for SuricouRavenn here also -> http://yro.slashdot.org/comments.pl?sid=1903798&cid=34559886 regarding Windows Defender/Microsoft Security Essentials) - thank you!
I do MUCH THE SAME as a DNSBL, albeit locally... via custom HOSTS files - here is why (long read, but detailed & I think you MAY find it, informative, possibly):
---
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/ -
Easy to beat with a custom HOSTS file
"1) Russian criminals have control over the wikileaks.org and wikileaks.info domains and are distributing malware. The current real wikileaks website is wikileaks.ch." - by Anthony Mouse (1927662) on Saturday December 18, @08:04PM (#34603730)
ping wikileaks.ch IS YOUR FRIEND!
Enter the result of that into your custom HOSTS file (Windows: %WinDir%\system32\drivers\etc OR on LINUX: root/etc OR ON ANDROID PHONES: by mounting the system mountpoint first, w/ read + WRITE ability, & then using the SDK tool ADB to PUSH the new HOSTS file into the etc folder there, overwriting the stock-oem model)
E.G.-> (from MY "ping" result, that would go into a HOSTS file for this):
178.21.20.9 wikileaks.ch
PUT THAT INTO YOUR CUSTOM HOSTS FILE (after pinging wikileaks.ch, because the IP address you come up with MAY be different than that which I come up with here).
That's doing a "whitelisting" in your HOSTS file, w/ the proper IPAddress - to - HOST/DOMAINName resolution, so you reach that site (and, you avoid DNS request log tracking in doing so also, bonus, because you NEVER USE THE ISP/BSP (or other) DNS server, period).
---
"2) Spamhaus has been telling people about (1). 3) The Russian criminals are now retaliating by using their botnets to DDoS Spamhaus under the flag of AnonOps." - by Anthony Mouse (1927662) on Saturday December 18, @08:04PM (#34603730)
Hey - They're easy to beat too (Russian criminals), & also by using a HOSTS file...
Albeit, this time, NOT FOR WHITELISTING A SITE, but, rather for "blacklisting" the sites/servers they use or redirect you to, for loading malware onto your systems!
(Between that, & using NoScript or turning off javascript period, you ARE PROTECTED (you really only need it for database accesses when you come down to it, to do "real things" (not playtime stuff, or eyecandy) usually, after all)).
APK
P.S.=> Reputable, reliable, & regularly updated sources for blacklisting data for a HOSTS file are as follows:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
-
HOSTS files are superior to AdBlock &/or DNS a
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
-
HOSTS files are superior to AdBlock &/or DNS
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
-
HOSTS files are superior to AdBlock & DNS even
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhack others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
-
With a HOSTS file? You don't NEED to do that...
"Reading the report, it sounds like they were just testing the browsers' databases of known malware/phishing sites" - by gman003 (1693318) on Wednesday December 15, @03:51PM (#34565790)
Per my subject-line above? With a GOOD UP-TO-DATE HOSTS FILE?? You don't even NEED to do that!
I update mine daily, from these reliable & reputable sources (for blocking out KNOWN bad sites/servers/host-domain names etc.):
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)And yes: Even SLASHDOT &/or The Register help!
(Via articles on security (when the source articles they use are "detailed" that is, & list the servers/sites involved in attempting to bushwhacker others online that is... not ALL do!)).
2 examples thereof in the past I have used, & noted it there, are/were:
http://it.slashdot.org/comments.pl?sid=1898692&cid=34473398
http://it.slashdot.org/comments.pl?sid=1896216&cid=34458500---
So, IF/WHEN you have a HOSTS file that has up to date blocking data in it? There's really no real need to do "browser based checks" of URL's, other than for "layered-security" purposes (which isn't a BAD THING TO DO, & it's the "current trend" for better security online).
Besides: IE, FireFox, and Opera ALL have methods for blocking out known bad sites already:
---
Opera has URLFILTER.INI (Spybot S&D populates this, alongside the Opera community doing updates to it too)
FireFox has an analog to Opera's filter file (which is what SpyBot S&D populates alongside a HOSTS file too vs. known bad sites)
IE has "restricted zones"
---
Still - the folks @ MS doing this in IE9 (which I use here)? Not a bad thing at all, for "layered-security"...
APK
P.S.=> Even the folks @ WIKIPEDIA aren't against blacklists like HOSTS:
---
PERTINENT QUOTE/EXCERPT (from -> http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/ )
"we are in favour of 'Blacklists', be it for mail servers or websites
---
Why? Well, because they work... especially for layered security online... apk
-
Re:42
Sorry to say it bluntly but just like Google Instant, the malware detection is one of those features geared towards the ignorant (trying to use a "neutral" word there).
Maybe geared towards, but not totally useless to everyone else. I browse in a VM, all plugins disabled, with the browser sandboxed inside the VM (that makes two times). I prefer being warned by Google -- actually, it's not by Google -- simply because I now know the goal of the website. It's invaluable if you browse the shadier sections of the web, which I'm doing 50% of the time.
-
Get a custom HOSTS file, it helps... apk
"I'm starting to hate the internet. More and more it seems like the internet is turning into one big bug in the ass. I have to specifically opt out of fucking invasive bullshit toolbars that I didn't ask for, had no interest in, and no desire to have corrupting my machine. I got an idea for all you assholes who think that is the way to make money....HOWS ABOUT YOU WORK ON PROJECTS THAT MAKE US FREER RATHER THAN FURTHER CONFINE OR TRACK US??? Is it really so much to ask to be able to scan, upload, download, chat, skype, mud, "be on the web" without fear of being constantly surveiled? I'm not a tree. My psychological profile, shopping habits, surfing habits, political interests, are not "fruit" to be picked and sold on the market, and as such ARE NONE OF YOUR FUCKING BUSINESS!!! If I want your shit, I will use the most powerful investigatory tool humankind has ever invented, find it myself, and possibly even buy it! If what you had to offer was worth having I might even buy it again. But, until that point, LEAVE ME THE FUCK ALONE!
-Oz" -
Ok, then YOU of all people, want to read this (not selling anything here, HOSTS files free & you already have one (you just have to fill your OS' copy of your HOSTS file w/ the right data to stop a lot of the problems you complain of online, & reputable + reliable sources for currently updated HOSTS files are below)):
16++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/ -
They can't touch me, & here is HOW/WHY
From the source article, I obtained their server's domain/hostnames and nameservers, which I now have added to my custom HOSTS file... & blocked out, thus:
0.0.0.0 greatfull-toolss.ru
0.0.0.0 ns1.reg.ru
0.0.0.0 ns2.reg.ru
0.0.0.0 greatfull.ru
0.0.0.0 ns1.arbusi-host.net
0.0.0.0 ns2.arbusi-host.net
0.0.0.0 hellcomeback.ruThey're not going to get to ME, because I cannot get to they now... & what I can't touch, I cannot be "burned" by, simple!
HOSTS as blacklists, work! Some evidences & cases why you may be interested in implementing such protective (and speed gaining features too) measures:
---
15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download -
metrix007 disprove these points then on HOSTS
"Kid, you have no idea what you're talking about... You are strongly misinformed on several points. I can't be bothered to respond to you, (i.e. feed the troll) because I don't think it would be worth my time. You're obsessed, and not interested in rational discussion - by metrix007 (200091) on Monday December 06, @07:03AM (#34458496)
Ok, you FINALLY came back in, & NO: I am TRULY interested in "rational discussion", not avoiding it (as you obviously are with your 2 trollish replies here in this thread), so with that said? Disprove each of these 15 points on HOSTS files then:
15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.ab -
Thanks for the info.: Why? See inside... apk
Thanks for supplying the bogus domains information. I checked on yourisp.ru, and sure enough - a known bogus malware domain/host name. It's blocked out here now, alongside payment8ltd.net, & how? Here is HOW & WHY:
15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)8.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
9.) AdBlock & DNS servers are program
-
I never see their crap. How? Block spammer domains
What blocks off known bogus sites/servers or entire hostnames/domains better than anything (because it's not a program, and because it's just a filter that operates @ the IP Stack level, and covers ALL your webbound programs, plus mine at least gets updated from reputable & reliable sources, daily): a custom HOSTS file.
You've also already got one, whether you all know it or not, & it's just a matter of either downloading a prebuilt on (sources are below), or filling one in yourself, and yes, they work even vs. spam mail (& better than adblock does, because that only covers browsers it's designed for (maybe 1-3 of them), but not external HTML + script based external email programs, like Outlook Express/FULL Outlook)).
15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spyb -
At least you were "modded up" for HOSTS use... apk
15++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/REGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu]
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)8.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
9.) AdBlock & DNS servers are programs, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
10.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs.
11.) HOSTS files are E
-
If users understand text files, they do
"Or better yet, WTF are host files? Non-techs can sort of understand ABP, as it is an add-on that stops bad or all ads. Host files, no way an average computer user would understand them or utilize them." - by stonewallred (1465497) on Wednesday December 01, @10:40AM (#34404550)
Take a GOOD solid read (and if still in doubt? Refer to this mvps.org link -> http://www.mvps.org/winhelp2002/hosts.htm (it has a great writeup that's EASILY UNDERSTOOD & very detailed, on HOSTS)) - this will show you how/why HOSTS files are superior to AdBlock or even DNS servers on MANY accounts (and why you ought to use them in combination for the "best in 'layered security'" practices online!
14 ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.stopbadware.org/homeREGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu] -
If users understand text files, they do
"Or better yet, WTF are host files? Non-techs can sort of understand ABP, as it is an add-on that stops bad or all ads. Host files, no way an average computer user would understand them or utilize them." - by stonewallred (1465497) on Wednesday December 01, @10:40AM (#34404550)
Take a GOOD solid read (and if still in doubt? Refer to this mvps.org link -> http://www.mvps.org/winhelp2002/hosts.htm (it has a great writeup that's EASILY UNDERSTOOD & very detailed, on HOSTS)) - this will show you how/why HOSTS files are superior to AdBlock or even DNS servers on MANY accounts (and why you ought to use them in combination for the "best in 'layered security'" practices online!
14 ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK:
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
7.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.stopbadware.org/homeREGULARLY UPDATED HOSTS FILES SITES (reputable/reliable sources):
http://www.mvps.org/winhelp2002/hosts.htm [mvps.org]
http://someonewhocares.org/hosts/ [someonewhocares.org]
http://hostsfile.org/hosts.html [hostsfile.org]
http://hostsfile.mine.nu/downloads/ [hostsfile.mine.nu] -
HOSTS files benefits (over AdBlock &/or DNS ev
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.
10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)
11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).
12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.
13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF
-
HOSTS files benefits (over AdBlock &/or DNS ev
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.
10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)
11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).
12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.
13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF
-
HOSTS files are superior to AdBlock & how/why
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw for years now - hosts protect against that via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.
10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)
11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).
12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.
13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name
-
HOSTS files are superior to AdBlock & how/why
1.) Adblock blocks ads in only 1 browser family (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF...).
2.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
3.) Adblock doesn't protect email programs external to FF, Hosts files do.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 4-7 next below).
4.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw for years now - hosts protect against that via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via PINGS &/or WHOIS though, regularly, so you have the correct IP & it's current)).
5.) HOSTS files protect you vs. DNS-poisoning &/or the Kaminsky flaw in DNS servers, and allow you to get to sites reliably vs. things like the Chinese are doing to DNS -> http://yro.slashdot.org/story/10/11/29/1755230/Chinese-DNS-Tampering-a-Real-Threat-To-Outsiders
6.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
http://ddanchev.blogspot.com/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://news.netcraft.com/
http://www.shadowserver.org/
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock is a program, and subject to bugs programs can get. Hosts files are merely a filter and not a program, thus not subject to bugs of the nature just discussed.
9.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content.
10.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://www.mvps.org/winhelp2002/hosts.htm ) & edited too, via texteditors like Windows notepad.exe or Linux nano (etc.)
11.) You don't have the sourcecode to Adblock. With hosts you don't even need source to control it (edit, update, delete, insert of new entries via a text editor).
12.) Hosts files are easily secured via using MAC/ACL &/or Read-Only attributes applied.
13.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name
-
Ummmm, yes... apk
"How about if - rather than an FBI warning or whatever - the site is replaced by a clone that sniffs your info or installs trojans?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage
HOSTS can also be used to block KNOWN bad websites that serve up malware:
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=onlineMany of those sites have "removal lists" IF a site cleans itself up, or if it just "drops out of site"!
(The latter I don't trust though, because malware makers "recycle" domainname/hostnames they own, & the RBN (russian business network) though thought 'dead'? Has had it's domain/host names reused by ANOTHER botnet recently!)...
Thus, I add those sites that are known as serving up malware exploits as BLOCKED in my HOSTS file, and I can't get to them, until they're proven clean (I don't remove ones that just "drop" because they've been shown to get "recycled/reused").
APK
P.S.=>
"And when the server gets bushwhacked instead of the domain, and they move to a new host - but you're still getting the old IP from your hosts file - then what?" - by phorm (591458) on Friday November 26, @01:29PM (#34351528) Homepage
I again confronted you today on this, as to HOW you were "modded up" here -> http://slashdot.org/comments.pl?sid=1887878&cid=34387450 because I already covered the other part in my initial reply with this statement (as to sites changing IP addresses) requoted, again, below next:
"& if they change it again? Re-Ping (with a double verifying WHOIS) said site & the TLD that does NOTHING but resolve hosts/domains to their correct IP will give you a correct IP address (provided you're NOT being "man-in-the-middle" attacked) to reinsert into your hosts file to update it..." - by Anonymous Coward on Friday November 26, @12:36PM (#34351132)
As to verifying IP addresses changing on sites.
So, if a site also is proven to harbor malware exploits?? A custom HOSTS file is also used to block those out until they are proven CLEAN... get it??
I don't see HOW/WHY you were modded up, because I cover the 1st point & anyone that knows how to use a HOSTS file knows it can be used to BLOCK OUT BAD SITES/SERVERS THAT SERVE UP EXPLOITS TOO, per the above... apk
-
Agreed on DNSSEC, but until then?
I use a "hard-coded" HOSTS file entry for my "fav" websites (like this one for example) that allows me to reach what ping'd off as "legit" @ the start of the year here, and remains so today (which is how I validate it, against the TLD that does nothing but resolve IP addresses to their correct domainname/hostname).
Additionally: This allows me to also reach them faster by not making DNS requests for them, which involves turn around response times from DNS servers, which this technique avoids said "lag"...
(Especially since 200 of my favs. are done thus in my HOSTS file, and I block out KNOWN bad sites/servers in it as well to avoid "sucking in" malscripted or other types of exploits via malevolent people)
This practice also allows me to be less "trackable" (sure, I'm still trackable by ISP/BSP, but not as easily) since I am NOT showing up on DNS request logs for my favs (where I spend a GOOD 95% of my time online each day anyhow).
Lastly, this practice also allows me to reach said sites IF my DNS servers I do use "go down" or are "misdirected" via the Kaminsky 'hack' (since they're hardcoded)... I do so, because I can't do the entire net in my HOSTS file as "hard-codes"!
Now, IF a site I like & hardcode "turns up bad" or "infected"? I get notification via the sources listed below
As far as DNS servers though?
Well, I use either ScrubIT DNS or OpenDNS (both are good & fast + per many DNS flaws, OpenDNS is KNOWN to "patch right away" if possible + they DO pay attention to blocking out various forms of "questionable" or "threatening" material). I also "alternate them", periodically, between those 2 (for avoiding tracking a BIT better, yes, & even from they, via DNS requests logs).
APK
P.S.=> What I do know though, is that it makes me FASTER online & SAFER TOO, by far!
My friends + family & even customers, plus others in forums I have "turned on" to this very old technique (that nowadays seems forgotten) also note it!
E.G.-> My best pal says "my online speed has DOUBLED using HOSTS files" & he used to get 200++ infestations a month (no joke) & he's down to MAYBE 2 a yr. now using HOSTS alone! We even setup his system for 8++ months without a firewall, on older Windows 2000 unpatched, & no firewall... he still had a much lower infection rate!
I also block out adbanners (sorry webmasters - I pay for my online time out of my own pocket)
I want ALL the speed I pay for, & I get a "no commercials/HBO internet" this way, much faster & safer too (since adbanners have been found w/ malicious script content in them many times the past 4-5 yrs. now no less),
This also protects myself vs. the "Kaminsky security crack" in DNS, noted above!
I also protect users & myself via HOSTS files, vs. KNOWN bad sites, via these reputable sources (others too, but here are the "bulk" of them I use to populate my HOSTS file for these purposes):
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts -
I add between 50-2000 new bad sites a day... apk
To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...
Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:
Spybot Search & Destroy's "IMMUNIZE" feature
http://ddanchev.blogspot.com/
http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=onlineToday/Nowadays? It's worse than it was as far as PC's being @ risk online just on sheer numbers of bogus sites or even banner ads that are maliciously scripted in intent. Just on sheer numbers alone.
APK
P.S.=> In summation, all I can tell you, from my "POV" of making a hosts file full of known malware or maliciously scripted sites for a LONG time now is, it's gotten worse, & is happening FAR faster than it used to be (more folks understand coding now is why most likely & the tools are simpler/better too), & I've been building up a closing in on 1 million bogus sites based HOSTS file for over 14 or so years now as my basis in fact here is all...
-
I don't know about 1 million in Q2 2010, but...
"Web anti malware firm Dasient has published data claiming that more than 1 million Web sites were compromised in the second quarter, 2010 - a sharp increase. *In Sean Connery's James Bond voice* Of course they have." - by AnonymousClown (1788472) on Thursday September 16, @12:25PM (#33600940)
I don't know about THAT, however? Well - I DO know that my personal custom HOSTS file is nearly @ 1 million absolutely unique entries of known bad sites/servers, and it took me nearly 10++ yrs. now to get it to that # no less!
I populate it from very reputable & reliable sources listed below:
----
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://en.wikipedia.org/wiki/Hosts_file
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home+ Spybot "Search & Destroy" IMMUNIZE feature add ons also...
----
In fact, as far as growth this summer alone? It's been more than usual, and last summer last year was the same it seems/iirc too...
However: Ahem - 1 million++ new known bad sites &/or servers, & in just 1 quarter?
(Hey, anything's possible, but that's a bit "excessive/steep" imo @ least... still, one never knows! Still, I somehow DOUBT it's that bad out there. Yes, it's bad, but not THAT bad... I don't think so @ least, and I tend to keep pretty steady-eddy tracking of this up (for over 10++ yrs. now @ sites & sources such as those listed above via populating my custom HOSTS file for both added security AND added speed))
I.E./E.G.-> The # of entries of known bad sites &/or servers in my HOSTS file, which a great deal of came from my sources listed above no less, had grown this year from July 15th 2010 to Sept. 15th 2010 by almost 18,000 entries alone at the tail-end of this summer alone (up to 881, 543++ total entries, & gaining typically between 50-250 more each day).
It's crazy out there now, but it doesn't affect "me or mine", because I cannot be hurt by that which I cannot enter to get hurt by it, such as a bad website that's malscripted or bears a malware, because that's what HOSTS files do, at least part in the way of security (and more for speed such as adbanner blocking (which also helps security too, because many a banner ad has been found with malicious code in it too the past few years now as well), and site IP-to-URL hardcoding): HOSTS files, if done right, can keep you from getting burned in a bogus kitchen, so-to-speak!
Still - 1 million++ new known bad sites in just 1 quarter this year 2010? I have trouble with that estimation, in believing it to be blunt about it, & yes, I have been looking at this type of data for quite a long time now (over 10++ yrs. in fact, in making a custom HOSTS file to protect vs. this type of lunacy).
APK
P.S.=> Since I
-
I don't know about 1 million in Q2 2010, but...
"Web anti malware firm Dasient has published data claiming that more than 1 million Web sites were compromised in the second quarter, 2010 - a sharp increase. *In Sean Connery's James Bond voice* Of course they have." - by AnonymousClown (1788472) on Thursday September 16, @12:25PM (#33600940)
I don't know about THAT, however? Well - I DO know that my personal custom HOSTS file is nearly @ 1 million absolutely unique entries of known bad sites/servers, and it took me nearly 10++ yrs. now to get it to that # no less!
I populate it from very reputable & reliable sources listed below:
----
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://en.wikipedia.org/wiki/Hosts_file
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home+ Spybot "Search & Destroy" IMMUNIZE feature add ons also...
----
In fact, as far as growth this summer alone? It's been more than usual, and last summer last year was the same it seems/iirc too...
However: Ahem - 1 million++ new known bad sites &/or servers, & in just 1 quarter?
(Hey, anything's possible, but that's a bit "excessive/steep" imo @ least... still, one never knows! Still, I somehow DOUBT it's that bad out there. Yes, it's bad, but not THAT bad... I don't think so @ least, and I tend to keep pretty steady-eddy tracking of this up (for over 10++ yrs. now @ sites & sources such as those listed above via populating my custom HOSTS file for both added security AND added speed))
I.E./E.G.-> The # of entries of known bad sites &/or servers in my HOSTS file, which a great deal of came from my sources listed above no less, had grown this year from July 15th 2010 to Sept. 15th 2010 by almost 18,000 entries alone at the tail-end of this summer alone (up to 881, 543++ total entries, & gaining typically between 50-250 more each day).
It's crazy out there now, but it doesn't affect "me or mine", because I cannot be hurt by that which I cannot enter to get hurt by it, such as a bad website that's malscripted or bears a malware, because that's what HOSTS files do, at least part in the way of security (and more for speed such as adbanner blocking (which also helps security too, because many a banner ad has been found with malicious code in it too the past few years now as well), and site IP-to-URL hardcoding): HOSTS files, if done right, can keep you from getting burned in a bogus kitchen, so-to-speak!
Still - 1 million++ new known bad sites in just 1 quarter this year 2010? I have trouble with that estimation, in believing it to be blunt about it, & yes, I have been looking at this type of data for quite a long time now (over 10++ yrs. in fact, in making a custom HOSTS file to protect vs. this type of lunacy).
APK
P.S.=> Since I
-
Re:Badware?
Disregard my parent post. I googled "Badware" and it is a widely used term I wasn't familiar with. The likes of Google, Mozilla, Lenovo, PayPal, VeriSign, Sun, Consumer Reports are on board for this nonprofit StopBadware.org.
From their help page: "What is badware? Badware is software that fundamentally disregards a user's choice regarding how his or her computer will be used." Sounds about right.
-
Re:Badware?
While I agree with you that making up words is annoying, badware is different from malware: http://stopbadware.org/home/badware
It's a broader term that includes adware as well as directly malicious software. I don't think malware has the same scope.
-
Inadequate disclosure
The real problem with this is that the University is asking the student to download and run software without properly identifying what it does. That's called "badware" by StopBadware, run by the Harvard Law School, Consumers Union, etc. Phrases like "exceeds authorized access" apply. And remember, this is a state school; they face the legal constraints on state actors. For example, the rule that "Most political advocacy is unacceptable" is a blatant First Amendment violation as applied to students. Report that to EULA Watch and the ACLU. The ACLU is already dealing with some other suppression of free speech by the CMU administration, so this probably won't surprise them.
It's not even clear whose Client Security Agent they're talking about. There's one from Cisco, one from Bradford, and one from Microsoft. The description mentions that it turns on Microsoft's automated updating. That means all the latest Microsoft security holes (like the one that makes Firefox execute Microsoft
Someone compared this to working for a company. It's not. As a student, you're the customer, not an employee. Also, in a corporate setting, if Central IT messes up your desktop machine, Central IT has to fix your desktop machine.
-
Re:their check site failed
And here I have a way to show it was not offtopic at all: http://blog.stopbadware.org/2009/01/31/google-glitch-causes-confusion In fact I was right.
-
Re:Explanation from official Google Blog
The quote posted here does not correspond to the linked blog entry anymore, as the blog was updated. Essentially, it now states the list with the error was not provided by StopBadware.org, but created by Google themselves.
The changed part:
We maintain a list of such sites through both manual and automated methods. We work with a non-profit called StopBadware.org to come up with criteria for maintaining this list, and to provide simple processes for webmasters to remove their site from the list.
We periodically update that list and released one such update to the site this morning.
The issue is also explained on StopBadware.org's blog.
-
google and stopbadware.org playing blame pong
http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html... We periodically receive updates to that list and received one such update to release on the site this morning. Unfortunately (and here's the human error), the URL of '/' was mistakenly checked in as a value to the file and '/' expands to all URLs.
http://blog.stopbadware.org/2009/01/31/google-glitch-causes-confusion... Google generates its own list of badware URLs, and no data that we generate is supposed to affect the warnings in Google's search listings. -
Re:Broke the internets!
Google and Stopbadware.org have both posted blog entries on this:
http://blog.stopbadware.org/2009/01/31/google-glitch-causes-confusion
http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html
Apparently, someone checked-in a catch-all pattern '/' to their blacklist file. -
Re:Credit where credit is due
Google is the only legitimate company I've seen that auto-updates desktop software silently. Arguably, Google's implementation qualifies as badware for these reasons:
- The fact that it auto-updates is disclosed only in the EULA, not separately from the EULA, as required by Method of Disclosure and Consent.
- In violation of Software Which Installs Deceptively, the auto-updater makes substantive changes to the application, silently downloads, and does not clearly disclose the auto-updates during the initial install.
- Previously, Google Updater was left behind when Chrome was uninstalled, in violation of Software Which Is Not Easy To Uninstall Completely.
Microsoft gets a lot of things wrong, but at least it lets you reject a patch you know is going to break something that you need.
-
Re:Credit where credit is due
Google is the only legitimate company I've seen that auto-updates desktop software silently. Arguably, Google's implementation qualifies as badware for these reasons:
- The fact that it auto-updates is disclosed only in the EULA, not separately from the EULA, as required by Method of Disclosure and Consent.
- In violation of Software Which Installs Deceptively, the auto-updater makes substantive changes to the application, silently downloads, and does not clearly disclose the auto-updates during the initial install.
- Previously, Google Updater was left behind when Chrome was uninstalled, in violation of Software Which Is Not Easy To Uninstall Completely.
Microsoft gets a lot of things wrong, but at least it lets you reject a patch you know is going to break something that you need.
-
Re:Credit where credit is due
Google is the only legitimate company I've seen that auto-updates desktop software silently. Arguably, Google's implementation qualifies as badware for these reasons:
- The fact that it auto-updates is disclosed only in the EULA, not separately from the EULA, as required by Method of Disclosure and Consent.
- In violation of Software Which Installs Deceptively, the auto-updater makes substantive changes to the application, silently downloads, and does not clearly disclose the auto-updates during the initial install.
- Previously, Google Updater was left behind when Chrome was uninstalled, in violation of Software Which Is Not Easy To Uninstall Completely.
Microsoft gets a lot of things wrong, but at least it lets you reject a patch you know is going to break something that you need.
-
Re:Credit where credit is due
Google is the only legitimate company I've seen that auto-updates desktop software silently. Arguably, Google's implementation qualifies as badware for these reasons:
- The fact that it auto-updates is disclosed only in the EULA, not separately from the EULA, as required by Method of Disclosure and Consent.
- In violation of Software Which Installs Deceptively, the auto-updater makes substantive changes to the application, silently downloads, and does not clearly disclose the auto-updates during the initial install.
- Previously, Google Updater was left behind when Chrome was uninstalled, in violation of Software Which Is Not Easy To Uninstall Completely.
Microsoft gets a lot of things wrong, but at least it lets you reject a patch you know is going to break something that you need.
-
Re:I prefer another form of protest
If you take a look at Google's stopbadware faq, this is clearly the type of software that falls within their category.
What is badware?
An application is badware if it acts deceptively or irreversibly, or if it engages in potentially objectionable behavior without prominently disclosing this behavior and obtaining the user's affirmative consent.
Badware is software that fundamentally disregards a user's choice over how his or her computer will be used. There are several commonly recognized terms for types of badware - spyware, malware, and deceptive adware. Common examples might be a free screensaver that surreptitiously generates ads, or a malicious web browser toolbar that makes your browser go to different pages than the ones you expected. Some badware is harder to spot, such as keylogger programs that can transmit personal data to malicious parties. To learn more, click here.
Why badware, and not malware, spyware, adware, or another more commonly recognized term?
We decided to call ourselves StopBadware.org, and emphasize the term badware, because we want to be a 'big tent.' We want to attack all forms of badware, not just software that steals your information (spyware) or software that pops up unexpected ads (deceptive adware). Terms like spyware or malware don't fully capture the violation of user choice that is key to our definition of badware.
Read that one last sentence especially: "Terms like spyware or malware don't fully capture the violation of user choice that is key to our definition of badware."
We all need to report them to google as a badware site.
http://www.google.com/safebrowsing/report_badware/Also, do report third party web sites that link directly to their trial download executables, those are badware sites as well if they fail to mention that those trials (1) contain DRM and (2) that this DRM will continue to hog live resources long after that game has been uninstalled through their uninstaller. However, if those third party web sites do disclose those two facts, please do not report them, full disclosure is what we want, those sites that are honest in their disclosures should go up in ranking, and the ones that are dishonest should go down in ranking (and should be blacklisted until they eventually correct their information).
-
Re:I hate that Google can do this
I would assume the original AC is lying because Google's practices on filtering bad sites were disclosed long ago on http://www.stopbadware.org/
-
DNS exploit affects OSX 10.x and up
http://www.juniper.net/security/auto/vulnerabilities/vuln30131.html
That's a whopping list of vulnerable stuff there.
I wonder if Apple took a survey, of who was still using older versions.
I have read probably over 40% of internet users don't use updated browsers. http://blogs.stopbadware.org/articles/2008/07/01/forty-percent-of-users-use-insecure-web-browser
If that many users can't update browsers, how many can update their OS? Especially since browsers (and updates) are mostly free, you'd think they'd be more likely to be updated! -
Re:Google reporting
The browser periodically downloads a list of known malware sites from Google (same source as the list of phishing sites). If you press the 'Why was this site blocked?' button, it takes you to the relevant report at StopBadware.org (which is supported by Google). It doesn't send every URL you visit to Google (the phishing protection in Firefox 2 had an option to do that for real-time checking but it's been removed in version 3 because no-one used it and it was too resource intensive).
-
Re:Maybe Goole should delist a few sites.
They have an initiative already with StopBadware, there's a quick article here.
-
Re:Forcing badware on users ?Forcing badware on users ?
thanks Yahoo!
http://www.stopbadware.org/reports/reportdisplay?reportname=realplayer01282008 Rhapsody != RealPlayer. You and the idiots that wasted modpoints on your post don't know what the fuck you're talking about.