Search the Community
Showing results for tags 'Security'.
One of the most effective ways to keep your system secure and private while on the web is to implement a managed blacklist of sites you just won't allow your device(s) to visit. I have been developing a script that gathers data from various contributors around the web who have developed lists of badware web sites, and compiles the info into a blacklist of sites you REALLY DO NOT want to visit. The result is pressed into service by a very simple process: Adding blacklist entries into your hosts file. Windows uses the file %SystemRoot%\System32\drivers\etc\hosts. to allow you to pre-load your DNS cache. The intent is that if you have a server you'd like to name, but the name isn't provided by an online DNS service, you can name it in your hosts file. But what the hosts file can ALSO do is allow you to redirect name resolution to 0.0.0.0 for any number of sites that serve malware, ads, track you, or just deliver things you don't want to see. An attempt to access that named site just fails. Your computer never contacts it. If you put the right list into your hosts file, your system will automatically, and most importantly without noticeable ongoing overhead, just avoid visiting badware sites. That's it. It doesn't require decisions by you, and it doesn't cause extra software to run. And there's no cost; the information is freely available - and surprisingly well maintained. What you see in a practical sense is that your browsing experience becomes free from ads, you no longer see viruses and malware trying to come in, and your browsing experience even gets faster. No kidding. Let's say, for example, that a badware site is www.iservemalware.com... Maybe links to www.iservemalware.com are embedded in other people's web pages, in ad slots, for example, or in things you fear your kids might click on. Maybe it shows up as a link in an eMail. Or even worse, html that just opens the site as soon as you view the message. It'd be nice if something would just stop your computer from visiting such a bad site, right? One entry in the hosts file will do just that: 0.0.0.0 www.iservemalware.com Boom, your computer won't visit the online server for www.iservemalware.com again. Maybe you've already even added some of your own badware sites you've run across to your own hosts file. But wouldn't it be great if you could combine the web browsing experiences of other folks out there too? There are literally tens of thousands of bad web sites. Seriously. But that number is not infinite! I present to you, free of charge and with no strings attached, my HostsCompiler script: http://Noel.ProDigitalSoftware.com/files/HostsCompiler.zip It retrieves badware site data, processes it into a minimum size blacklist, and augments your existing hosts file. I've tested it on 64 bit Windows 7, 8.1, and 10, though it will probably also work on 32 bit systems and Vista and XP. To set it up: Unzip all the files into the same folder, open an elevated command prompt, CD into that folder, run HostsCompiler.bat by typing its name, it will prompt you to continue, and it will immediately go out and find lists of badware / malware / adware sites from online sources and add them to your hosts file. You'll be instantly protected against visiting nearly 50,000 known badware sites. You'll notice a positive difference in your browsing experience. Run it regularly - for example by scheduling it to run every day using the Windows Task Scheduler as I do - and you'll have a "set it and forget it" system that will keep itself up to date to block the latest servers showing up online with intent to turn you into a victim. For me the script literally runs to completion in 5 seconds. The online sources this script obtains the information from are the following at the time of this writing: http://winhelp2002.mvps.org http://malware-domains.com http://www.malwaredomainlist.com http://adaway.org http://someonewhocares.org http://pgl.yoyo.org http://www.quero.at I wish to acknowledge the fine people who publish the lists at the above sites for their contributions to enhanced online security, privacy, and browsing performance. The executables in my zip file are from the freely available GnuWin32 toolkit plus one I've written (SHOWTIME, a tiny command line executable for displaying the current time/date), and the script is editable and readable, with plenty of comments. It's designed to coexist with whatever else you do with your hosts file. If you have even the slightest worry over running this, I ENCOURAGE YOU to research the executables online and open HostsCompiler.bat in a text editor and learn how it works. Those of you wishing to schedule regular HostsCompiler runs will be interested in this excerpt from the script: :: Synopsis: :: :: HostsCompiler NoPrompt :: :: NoPrompt - (Optional) If specified, will avert the request for confirmation. :: :: :: Suggest scheduling this job with a command line similar to: :: :: HostsCompiler NoPrompt >>C:\Some\Path\HostsCompiler.log 2>&1 :: Be aware that this is batch script and that altering your hosts file is a bit geeky. It requires a little knowledge about how Windows works and the exercise of some care. Don't use this if you don't feel comfortable with manipulating files on your computer. Please let me know if you have any problems or suggestions about things that could be improved. I'd love to hear your experiences with this method of enhancing security. Mine have been good. After running this, if you find a site you'd like to visit no longer works, there are ways to determine what the host name is and whether it's being blocked by a hosts entry - e.g., choose F12 developer tools in Internet Explorer, go to the Network tab, enable tracing, navigate in your browser, and look for a Result of (Aborted) - and you need only comment out the entry in your hosts file to restore access. -Noel
The Department of Homeland Security has advised that PC owners uninstall Apple's QuickTime for Windows, after two vulnerabilities were discovered in its code. Because Apple is no longer updating the Windows version of the software, the DHS says "the only mitigation" is to remove the software entirely, or else risk "loss of confidentiality, integrity, or availability of data, as well as damage to system resources or business assets." More information: The Verge
Guest posted a topic in Software HangoutI've been using Kerio Personal Firewall v2.1.5 (not the later Kerio's) all the way back to when it was called Tiny Firewall. I absolutely love it. I've tried many over the years and have come away disappointed after being spoiled by such a wonderful product. I'm looking for something similar to Kerio but perhaps a bit more hardened. Kerio has been EOL for ages. It must be as configurable as KPF. That it to say; it must alert me to each and every connection attempt, to define what program making the connection, what IP(s), port number, what type...UDP, TCP or ICMP and type of ICMP, incoming, outgoing or both directions, etc. Most of these must be definable in the firewall alert. It always can't be bloated. KPF is 3 files, totally 980 KB (not counting the help file). I might have asked this before and not looking for miracles just anything close and nothing bloated but I don't expect miracles like 980 KB. .
I know there is a place on this site where Windows Unofficial Updates are available (especially those for XP) Would someone please let me know that URL so I can bookmark it. I'd like to continue using XP and keep it updated, especially with the security patches) Thanks, tlcmd