funsec mailing list archives
Re: Malvertising
From: "Daniel H. Renner" <dan () losangelescomputerhelp com>
Date: Wed, 12 Dec 2007 12:54:58 -0800
By default, your computer looks to find where a website is located by first looking at a file on your own computer, then by asking a server where it is, only then can your computer display that website.
What if that file on your computer told your web browser a site didn't exist? You would never get there from here!
Now, if a known good website has a command in it to make your web browser visit another website that is known to contain crapware, and that file on your computer told your web browser that it doesn't exist - you would never get infected... Nice, eh?
Now this is a file you yourself would have to regularly update as the list of known crapware sites is always increasing. So if you're interested in protecting yourself more, visit this website:
http://www.mvps.org/winhelp2002/hosts.htm Works on any operating system. Follow the instructions and you will do fine. --- Sincerely, Daniel H. Renner President Los Angeles Computerhelp A division of Computerhelp, Inc. 818-352-8700 http://losangelescomputerhelp.com Gregory Hicks wrote:
Date: Tue, 11 Dec 2007 00:22:43 -0800 From: "Daniel H. Renner" <dan () losangelescomputerhelp com> To: funsec () linuxbox org Subject: Re: [funsec] MalvertisingAs was seen when MySpace visitors were hit last October in attacks via advertising banners, and a year ago when 1 million MySpace visitors were hit via banners, and when Falk-Ag was hit, and when...Can you say "hosts file"?I can. But how does this help?Sincerely, Daniel H. Renner President Los Angeles Computerhelp A division of Computerhelp, Inc. 818-352-8700 http://losangelescomputerhelp.com funsec-request () linuxbox org wrote:Date: Thu, 6 Dec 2007 21:53:45 -0600 From: <rms () computerbytesman com>Subject: [funsec] Malvertising To: <funsec () linuxbox org>Message-ID: <004a01c83884$c4785c80$4d691580$@com> Content-Type: text/plain; charset="us-ascii" http://isc.sans.org/diary.html?storyid=3727
*snip* _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Malvertising rms (Dec 06)
- <Possible follow-ups>
- Re: Malvertising Daniel H. Renner (Dec 12)
- Re: Malvertising Gregory Hicks (Dec 13)
- Re: Malvertising Daniel H. Renner (Dec 13)