How do I get the IP address of different spyware.
Thank You.
How do I get the IP address of different spyware.
Thank You.
On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> wrote:
>How do I get the IP address of different spyware.
>
> Thank You.
http://www.geocities.com/yosponge/blockips.txt
HTH
--
siljaline
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_
On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced a
fatwah thus:
>How do I get the IP address of different spyware.
From Sponge, of course.
>
> Thank You.
On Wed, 02 Jul 2003 22:04:54 -0400, siljaline <siljaline@invalid.com>
wrote:
>On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> wrote:
>
>>How do I get the IP address of different spyware.
>>
>> Thank You.
>
>
>http://www.geocities.com/yosponge/blockips.txt
>
>HTH
Thanks for the help
"Lance Delacroix" <lance_delacroix@fastmail.fm> wrote...
> On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced a
> fatwah thus:
>
> >How do I get the IP address of different spyware.
>
> From Sponge, of course.
Help educate a newbie. Sponge looks like a list of "bad" IP addresses you
can use with your firewall. The HOSTS file I see around here looks like a
similar list, but it's used to misdirect software to a null or false IP
address.
So which is "better"? Or what are the pros and cons of either method?
Another Lance
*****
Lance Hill wrote:
> "Lance Delacroix" <lance_delacroix@fastmail.fm> wrote...
>> On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced a
>> fatwah thus:
>>
>>> How do I get the IP address of different spyware.
>>
>> From Sponge, of course.
>
> Help educate a newbie. Sponge looks like a list of "bad" IP addresses
> you can use with your firewall. The HOSTS file I see around here
> looks like a similar list, but it's used to misdirect software to a
> null or false IP address.
>
> So which is "better"? Or what are the pros and cons of either method?
>
> Another Lance
> *****
I do not know which is "better" but I find HOSTS file much easier to manage.
Tools that I use to manage it.
HOSTESS
http://accs-net.com/hostess/
Has Add, Edit, Delete, Search, Group, Import/Export and create Registry
Restricted Zone entries.
Automatically removes duplicates.
Note: The program author has commited to provide a function to validate
HOSTS entries.
HOSTS forum
http://asp.flaaten.dk/proxo/forum.asp?FORUM_ID=20
Has over 17,000 ad sites and was updated June 1st.
The only con that I can think of is that site addresses can not be a range
ie: 127.0.0.1 *.doubleclick.com will not work.
Lance Delacroix wrote:
> On Thu, 3 Jul 2003 07:39:20 -0700, "Lance Hill"
> <lltbhill@earthlink.net> prounounced a fatwah thus:
>>
>> "Lance Delacroix" <lance_delacroix@fastmail.fm> wrote...
>>> On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced
>>> a fatwah thus:
>>>
>>>> How do I get the IP address of different spyware.
>>>
>>> From Sponge, of course.
>>
>> Help educate a newbie. Sponge looks like a list of "bad" IP
>> addresses you can use with your firewall. The HOSTS file I see
>> around here looks like a similar list, but it's used to misdirect
>> software to a null or false IP address.
>>
>> So which is "better"? Or what are the pros and cons of either method?
First, your time zone setting appears off. It is only 12:14PM here and
your posting time is 12:50PM.
> Yes, the HOSTS file is used to redirect DNS lookups to your own
> computer, in effect cancelling them. The result is that your computer
> can't connect because it can't complete the DNS lookup. The drawback
> to a HOSTS file is that it only works with SPECIFIC URL's, one by one;
> if you want to prevent a lookup to, to use a good example, Akamai, you
> may have to have hundreds of entries. An effective HOSTS file, by
> itself, would have to be BIG (500kb?) and would reqiure constant
> maintenance. Some people report that a big HOSTS file slows down
> their browsing significantly.
This is true in Win2K/XP systems and is due to having the local DNS service
active. Disabling this service solves the problem. I use Bind-PE for my
DNS service as my ISPs DNS servers are very slow.
http://members.shaw.ca/BIND-PE_and_ICS/
http://ntcanuck.com/
> If you use block files in a firewall, OTOH, you can directly block
> connections to large groups of consecutive IP addresses; for Akamai,
> to continue with our example, I think Sponge has ten to twenty
> entries, each of which includes multiple IPs. This handful of IPs
> could represent many hundreds of specific URLs, as you can resolve
> more than one URL to a given IP. Besides the increased efficicency of
> this method, it has the advantage of preventing spyware from
> connecting when that spyware uses an IP address instead of a URL (I'd
> imagine that this would be the preferred way of connecting using
> spyware). Thus, using a firewall with block files is more effective
> than using a HOSTS file -- IF you can be sure of the IPs!
That is a good advantage.
I use a combination of SpywareBlaster and SpyBot S&D Immunize function to
nutralize drive by hijackers.
(More than one way to skin a cat)
> Obviously, a combination of strategies is best. Another useful tool
> is DNSKong (used with eDexter), which is kind of like a HOSTS-file
> approach but using a very small file. It works by using strings
> instead of full URLs; just entering "Akamai" in a DNSKong config file
> will have the effect of preventing DNS lookups to *any* Akamai URL
> that contains the string "Akamai" (assuming appropriate positioning of
> the string inside the URL).
>
> I hope this makes sense. If you're really new to this, it's going to
> take you a while to see how everything fits together.
>>
>> Another Lance
>
> Is your name really Lance? Mine isn't. I just chose "Lance Delacoix"
> for the phallic-religious connotations.
On Thu, 03 Jul 2003 13:43:55 GMT, "d11@anywhere.com" <> wrote:
>>http://www.geocities.com/yosponge/blockips.txt
>>
>>HTH
>Thanks for the help
You're welcome, that's one of the best Spyware block IP lists you will ever see.
--
siljaline
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_
On Thu, 03 Jul 2003 15:59:15 GMT, "YK" <YKnot@home.invalid> wrote:
>Lance Hill wrote:
>> "Lance Delacroix" <lance_delacroix@fastmail.fm> wrote...
>>> On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced a
>>> fatwah thus:
>>>
>>>> How do I get the IP address of different spyware.
>>>
>>> From Sponge, of course.
>>
>> Help educate a newbie. Sponge looks like a list of "bad" IP addresses
>> you can use with your firewall. The HOSTS file I see around here
>> looks like a similar list, but it's used to misdirect software to a
>> null or false IP address.
>>
>> So which is "better"? Or what are the pros and cons of either method?
>>
>> Another Lance
>> *****
>
>I do not know which is "better" but I find HOSTS file much easier to manage.
>
>Tools that I use to manage it.
>HOSTESS
>http://accs-net.com/hostess/
>Has Add, Edit, Delete, Search, Group, Import/Export and create Registry
>Restricted Zone entries.
>Automatically removes duplicates.
>Note: The program author has commited to provide a function to validate
>HOSTS entries.
>
>HOSTS forum
>http://asp.flaaten.dk/proxo/forum.asp?FORUM_ID=20
>Has over 17,000 ad sites and was updated June 1st.
>
>The only con that I can think of is that site addresses can not be a range
>ie: 127.0.0.1 *.doubleclick.com will not work.
Thank you for the links and taking the time to help.
On Thu, 03 Jul 2003 19:50:30 +0300, Lance Delacroix
<lance_delacroix@fastmail.fm> wrote:
>On Thu, 3 Jul 2003 07:39:20 -0700, "Lance Hill"
><lltbhill@earthlink.net> prounounced a fatwah thus:
>
>>
>>"Lance Delacroix" <lance_delacroix@fastmail.fm> wrote...
>>> On Thu, 03 Jul 2003 01:11:20 GMT, "d11@anywhere.com" <> prounounced a
>>> fatwah thus:
>>>
>>> >How do I get the IP address of different spyware.
>>>
>>> From Sponge, of course.
>>
>>Help educate a newbie. Sponge looks like a list of "bad" IP addresses you
>>can use with your firewall. The HOSTS file I see around here looks like a
>>similar list, but it's used to misdirect software to a null or false IP
>>address.
>>
>>So which is "better"? Or what are the pros and cons of either method?
>
>Yes, the HOSTS file is used to redirect DNS lookups to your own
>computer, in effect cancelling them. The result is that your computer
>can't connect because it can't complete the DNS lookup. The drawback
>to a HOSTS file is that it only works with SPECIFIC URL's, one by one;
>if you want to prevent a lookup to, to use a good example, Akamai, you
>may have to have hundreds of entries. An effective HOSTS file, by
>itself, would have to be BIG (500kb?) and would reqiure constant
>maintenance. Some people report that a big HOSTS file slows down
>their browsing significantly.
>
>If you use block files in a firewall, OTOH, you can directly block
>connections to large groups of consecutive IP addresses; for Akamai,
>to continue with our example, I think Sponge has ten to twenty
>entries, each of which includes multiple IPs. This handful of IPs
>could represent many hundreds of specific URLs, as you can resolve
>more than one URL to a given IP. Besides the increased efficicency of
>this method, it has the advantage of preventing spyware from
>connecting when that spyware uses an IP address instead of a URL (I'd
>imagine that this would be the preferred way of connecting using
>spyware). Thus, using a firewall with block files is more effective
>than using a HOSTS file -- IF you can be sure of the IPs!
>
>Obviously, a combination of strategies is best. Another useful tool
>is DNSKong (used with eDexter), which is kind of like a HOSTS-file
>approach but using a very small file. It works by using strings
>instead of full URLs; just entering "Akamai" in a DNSKong config file
>will have the effect of preventing DNS lookups to *any* Akamai URL
>that contains the string "Akamai" (assuming appropriate positioning of
>the string inside the URL).
>
>I hope this makes sense. If you're really new to this, it's going to
>take you a while to see how everything fits together.
>
>>
>>Another Lance
>
>Is your name really Lance? Mine isn't. I just chose "Lance Delacoix"
>for the phallic-religious connotations.
>
>>*****
>>Thanks for the help Lance.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote