[Dshield] OT: Discussion forums for spyware, adware and malware in general?

Bjorn Stromberg bjorn at thechemistrylab.com
Wed Dec 3 19:48:39 GMT 2003

> Personally I am for tracking down the authors, and throwing them a good
> beating. Or we can raid their homes and take their computers. Hell, the
> RIAA can do it without a warrant, so can we.
> But what confuses me, doesn't spy/ad/mal/scum-ware violate the dmca? We
> should start class action lawsuits against spammers and scum-marketers.
> Heck I could always use a new car, why not get some money from the biggest
> nuisance since mosquitos.

Spyware has nothing to do with copyrights and everything to do with invasion
of privacy and consumer protection. Leave the DMCA out of it, it will only
make things worse.

The best defense against spam and spyware is education. Teach people not to
buy things advertised in spam or in popup ads. Teach people not to click Yes
or Ok to every message that pops up on their computer. Teach people how to
set Internet Explorer to not install things that they see on websites. Teach
them to use Windows Update.

If it weren't profitable they wouldn't be doing it.

I have 4 lines of defense against spyware:

1. hosts file
2. firewall logs
3. GPO
4. Ad-Aware (or insert another anti-spyware program here)

Anytime some malware pops up wanting to install on my machine I add that
server name to my hosts file and route it somewhere nice and null.

I check my firewall logs daily for autoupdate attempts, these are obvious at
night when no one is at their computer. I add those server names to my hosts

I use the GPO to set my users' IE to more secure settings, disable install
on demand, increase privacy settings, and in general lock down IE to safe

Anytime one of my users complains about IE acting weird, seeing too many ads
or explorer having some strange search bar on it, I probably know about it
already. I install Ad-Aware, wipe the beast clean and tell the user how to
run Ad-Aware.

Blocking these spyware servers at the border is a great way to detect and
halt the encroachment of spyware.
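
The firewall-log review and hosts-file steps described in the message above, sketched as an added example (not code from the original post). The log format, host names, allowlist, night-hours window and the 127.0.0.1 sink address are all assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime

# Constructed sample log; assumed format: date time action src_ip dst_host dst_port
SAMPLE_LOG = """\
2003-12-02 02:14:07 ALLOW 192.168.1.23 updates.adserver.example 80
2003-12-02 02:44:09 ALLOW 192.168.1.23 updates.adserver.example 80
2003-12-02 03:05:51 ALLOW 192.168.1.40 track.toolbar.example 80
2003-12-02 10:31:12 ALLOW 192.168.1.23 www.vendor.example 80
2003-12-02 23:58:30 ALLOW 192.168.1.40 track.toolbar.example 80
2003-12-03 01:10:00 ALLOW 192.168.1.23 windowsupdate.vendor.example 80
garbage line that does not parse
"""
ALLOWLIST = {"windowsupdate.vendor.example"}  # known-good updaters (constructed)
NIGHT_START, NIGHT_END = 22, 6                # unattended hours (assumption)
SINK = "127.0.0.1"                            # null-route target (assumption)

def night_hosts(log_text, min_hits=2):
    """Return hosts contacted at least min_hits times during unattended hours."""
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip lines that are not in the assumed format
        try:
            ts = datetime.strptime(parts[0] + " " + parts[1], "%Y-%m-%d %H:%M:%S")
        except ValueError:
            continue  # skip lines with an unparseable timestamp
        host = parts[4].lower().rstrip(".")
        at_night = ts.hour >= NIGHT_START or ts.hour < NIGHT_END
        if at_night and host not in ALLOWLIST:
            hits[host] += 1
    return sorted(h for h, n in hits.items() if n >= min_hits)

def merge_hosts(existing, candidates):
    """Append sink entries for candidates not already named in the hosts text."""
    present = set()
    for line in existing.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        present.update(f.lower() for f in fields[1:])
    new = [f"{SINK} {h}" for h in candidates if h not in present]
    return existing.rstrip("\n") + "\n" + "\n".join(new) + ("\n" if new else "")

if __name__ == "__main__":
    print(merge_hosts("127.0.0.1 localhost\n", night_hosts(SAMPLE_LOG)), end="")
```

Review the candidate list before merging it into a live hosts file, since legitimate updaters also run overnight and belong in the allowlist instead.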

