Author: Risc OS (---.server.ntl.com)
Date: 06-02-01 21:39
Greetings.
Blocking Web Bugs(embeded in email and web pages)/Spyware(tracking software that is included with bogus 'freeware' that tracks your movements and sends information about you back to a central server to be sold on to spammers and ad agencies:
Spyware/Web Bugs can be blocked by using a correctly configured host file. A host file is used by your browser when trying to resolve DNS(domain name server) names ie www.google.com or www.symantec.com into an IP address. Google's is 216.239.37.100, while Symantec's is 206.204.212.133. When you first enter a DNS address into a browser it first checks the hostfile to see if it has an IP address for that DNS address, if not it will use your IPs DNS servers. This takes longer as it has send information to-and-from your ISP before d/loading anything from the address your actually trying to see. The Host Files original purpose was to allow networks to find other machines on the network more quickly. So if for example you go to www.morelerbe.com all the time you might want to add the IP address to your hostfile so that the IP doesn't need to be looked up on your ISP DNS servers. You can also add servers to it that you don't want to have access to and give them your machines loopback ip (127.0.0.1 (the DNS for this is localhost, this is already in your hostfile)). So if you didn't want to be able to access Google you would add this line to your host file:
127.0.0.1 www.google.com
Now when your browser tries to access www.google.com instead of going to 216.239.37.100 and d/loading the google rootpage it assumes that google is to be found on your machine so it tries to ask your own machine to serve googles rootpage, which of course isn't there. All you will get is a 404 error.
This is how it becomes useful for blocking spyware and webbugs. by adding known ad/spy servers to your host file and giving them your own loopback IP the spyware/webbugs will never be able to contact there remote tracking servers.
You can d/load pre-configured hostfiles filled with about 10,000 adware/spyware servers in them from various sites (see below). They also come configured with lots adult sites, so when you have children who use the computer but don't know to much about some of the system files it becomes a useful site blocker. The only drawback Hosts have in this respect is that they don't use wild cards. A wildcard is an entry like *.sextoysrus.com if it were possible to use wildcards in hostfiles it would be possible by adding *.sextoysrus.com and block access www.sextoysrus.com, ftp.sextoysrus.com, ads.sextoysrus.com, etc., etc. Instead each of these servers would requires a seperate entry which is why the host files are now getting very large. So if your looking for something to block specific sites that your children are always trying to visit the host file is useful for this, but if you don't want them to have access to any site with the word sex in for example you need a web filter that uses wildcard entries in its block file.
How to remove spyware already installed:
If you know you already have spyware installed you can remove the parasites with AD-Aware, a freeware program from Lavasoft. A lot of apps use the freeware tag when they are actually Spyware/Adware. How can u find out if the nice PD app you want to get is embeded with spyware? The answer is to go to the spyware database and use its online search to find out.
How do I get a firewall:
There are many free firewalls some r better then others and take different approaches. Some are 'Application based', which require very little user knowledge. The other type of firewall is 'Rules based', this can be hard to use for the novice and unless you know what your doing, you can easily create rules that make the firewall effectively useless. If you r new it would probably be better to use one of the application based fws below. Nuke attacks can be blocked by blocking in bound pings (ICMP echo request and echo reply). Its difficult to tell you how to do this without knowing what fw you have.
More information about HostFiles can be found at:
http://www.accs-net.com/hosts/
An up-todate hostfile can be downloaded from:
http://www.smartin-designs.com/
Freeware tools can be found at:
http://www.wilders.org/free_tools.htm
These include, Anti-Virus, Anti-Trojan, Firewalls, Browser Proxies(web filters) etc., etc.
|
|
Forum