[Dshield] OT: Discussion forums for spyware,adware andmalware in general?

Bert Sinclair BSinclair at rmin.riss.net
Thu Dec 4 15:43:11 GMT 2003

You said,  "..I add that server name to my hosts file and route it
somewhere nice and null." Can you give me an example of that entry.
Also, what is GPO ?

Thank you, very much..

>>> bjorn at thechemistrylab.com 12/3/2003 12:48:39 PM >>>
> Personally I am for tracking down the authors, and throwing them a
> beating. Or we can raid their homes and take their computers. Hell,
> RIAA can do it without a warrant, so can we.
> But what confuses me, doesn't spy/ad/mal/scum-ware violate the dmca?
> should start class action lawsuits against spammers and
> Heck I could always use a new car, why not get some money from the
> nuisance since mosquitos.

Spyware has nothing to do with copyrights and everything to do with
of privacy and consumer protection. Leave the DMCA out of it, it will
make things worse.

The best defense against spam and spyware is education. Teach people
not to
buy things advertised in spam or in popup ads. Teach people not to
click Yes
or Ok to every message that pops up on their computer. Teach people how
set Internet Explorer to not install things that they see on websites.
them to use Windows Update.

If it weren't profitable they wouldn't be doing it.

I have 4 lines of defense against spyware:

1. hosts file
2. firewall logs
3. GPO
4. Ad-Aware (or insert another anti-spyware program here)

Anytime some malware pops up wanting to install on my machine I add
server name to my hosts file and route it somewhere nice and null.

I check my firewall logs daily for autoupdate attempts, these are
obvious at
night when no one is at their computer. I add those server names to my

I use the GPO to set my users' IE to more secure settings, disable
on demand, increase privacy settings, and in general lock down IE to

Anytime one of my users complains about IE acting weird, seeing too
many ads
or explorer having some strange search bar on it, I probably know about
already. I install ad-aware, wipe the beast clean and tell the user how
run ad-aware.

Blocking these spyware servers at the border is a great way to detect
halt the encroachment of spyware.

list mailing list
list at dshield.org 
To change your subscription options (or unsubscribe), see:

This e-mail and any files transmitted with it are the property of Rocky 
Mountain Information Network (RMIN), are confidential, and are intended 
solely for the use of the individual or entity to whom this e-mail is 
addressed.  If you are not one of the named recipient(s), or otherwise
have reason to believe that you have received this message in error, 
please notify the sender at (800) 821-0640 and delete this message
immediately from your computer.

More information about the list mailing list