Re: OT: Maybe old news... Re: ZoneAlarm/Hosts (long list)

2006-01-26, Responding to Thomas...
> I have
>
> ZoneAlarm and I read this article. Now if only I could figure what
> they mean by "Windows Host File" then I'd be in business. :)

S'easy! ;)

A "hosts" file is a text file that contains names of
internet (or just network) addresses, and the IP numbers
assigned to those names. You should have one tucked away in
your Windows system folders. Either that, or do a Google for
where to put one.

127.0.0.1 is the universal IP number for the "local" machine
you are using (called "localhost"), and is supposed to be
automatically treated as *internal traffic only* for each
machine. IOW, anything sent to, or received from, 127.0.0.1
is not allowed into or out of that machine.

The "trick" works like this...

You don't want any payloaded nasties sending your browser or
Email proggie off to log into Spammer.com to collect more, ok?

So you add an entry into your "hosts" file like this...

127.0.0.1 Spammer.com

....and now, if/when something like a webpage, or an Email,
tells your system to log into Spammer.com for some nasty
little 1 pixel graphic (a "web-bug") for instance, your
system will be told by your own "hosts" file that
Spammer.com is associated with the IP address 127.0.0.1,
which is YOUR machine, and not the Spammer.com server that
wants to load a nasty into your system by stealth while
you're reading your mail, or browsing a webpage. Because
your machine does not have the item the tricky Email/webpage
wants, your system will report to itself "resource not
found" and just get on with it's business without it. The
whole process takes next to no time, so you shouldn't even
notice the new diverted action that prevents a connection to
the actual Spammer.com address.


And there's MORE!!!


If you collect a list of names for all those servers that
want to load adverts into your browser, and give them all
127.0.0.1 references in your "hosts" file, your browsing
will be quicker and simpler, avoiding all those hold-ups
while yet another remote graphic is "waited for". (And
having your online IP address registered as "active" etc.
by spammer "demographic data" collection processes.)

Here's a copy of my current "hosts" file (just the 127.0.0.1
add-ons). The first bit I grabbed from somebody's online
offering, and the second bit is the list of junk I've added
since. Sure, its long (and growing, Ooer!), but all you need
to do after a browsing session is take a peek at your
browser's history file, and copy/paste the
ad.something.whatever stuff into your "hosts" file "list",
and give it a 127.0.0.1 IP address reference. Bingo! No
more adverts from THAT server either! :)


### Killing ADlinks list = WIP!

127.0.0.1 207-87-18-203.wsmg.digex.net
127.0.0.1 Garden.ngadcenter.net
127.0.0.1 Ogilvy.ngadcenter.net
127.0.0.1 ResponseMedia-ad.flycast.com
127.0.0.1 Suissa-ad.flycast.com
127.0.0.1 UGO.eu-adcenter.net
127.0.0.1 VNU.eu-adcenter.net
127.0.0.1 a32.g.a.yimg.com
127.0.0.1 ad-adex3.flycast.com
127.0.0.1 ad.adsmart.net
127.0.0.1 ad.ca.doubleclick.net
127.0.0.1 ad.de.doubleclick.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.fr.doubleclick.net
127.0.0.1 ad.jp.doubleclick.net
127.0.0.1 ad.linkexchange.com
127.0.0.1 ad.linksynergy.com
127.0.0.1 ad.nl.doubleclick.net
127.0.0.1 ad.no.doubleclick.net
127.0.0.1 ad.preferences.com
127.0.0.1 ad.sma.punto.net
127.0.0.1 ad.uk.doubleclick.net
127.0.0.1 ad.webprovider.com
127.0.0.1 ad08.focalink.com
127.0.0.1 adcontroller.unicast.com
127.0.0.1 adcreatives.imaginemedia.com
127.0.0.1 adex3.flycast.com
127.0.0.1 adforce.ads.imgis.com
127.0.0.1 adforce.imgis.com
127.0.0.1 adfu.blockstackers.com
127.0.0.1 adimage.blm.net
127.0.0.1 adimages.earthweb.com
127.0.0.1 adimg.egroups.com
127.0.0.1 admedia.xoom.com
127.0.0.1 adpick.switchboard.com
127.0.0.1 adremote.pathfinder.com
127.0.0.1 ads.admaximize.com
127.0.0.1 ads.bfast.com
127.0.0.1 ads.clickhouse.com
127.0.0.1 ads.enliven.com
127.0.0.1 ads.fairfax.com.au
127.0.0.1 ads.fool.com
127.0.0.1 ads.freshmeat.net
127.0.0.1 ads.hollywood.com
127.0.0.1 ads.i33.com
127.0.0.1 ads.infi.net
127.0.0.1 ads.jwtt3.com
127.0.0.1 ads.link4ads.com
127.0.0.1 ads.lycos.com
127.0.0.1 ads.madison.com
127.0.0.1 ads.mediaodyssey.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.ninemsn.com.au
127.0.0.1 ads.seattletimes.com
127.0.0.1 ads.smartclicks.com
127.0.0.1 ads.smartclicks.net
127.0.0.1 ads.sptimes.com
127.0.0.1 ads.tripod.com
127.0.0.1 ads.web.aol.com
127.0.0.1 ads.x10.com
127.0.0.1 ads.xtra.co.nz
127.0.0.1 ads.zdnet.com
127.0.0.1 ads01.focalink.com
127.0.0.1 ads02.focalink.com
127.0.0.1 ads03.focalink.com
127.0.0.1 ads04.focalink.com
127.0.0.1 ads05.focalink.com
127.0.0.1 ads06.focalink.com
127.0.0.1 ads08.focalink.com
127.0.0.1 ads09.focalink.com
127.0.0.1 ads1.activeagent.at
127.0.0.1 ads10.focalink.com
127.0.0.1 ads11.focalink.com
127.0.0.1 ads12.focalink.com
127.0.0.1 ads14.focalink.com
127.0.0.1 ads16.focalink.com
127.0.0.1 ads17.focalink.com
127.0.0.1 ads18.focalink.com
127.0.0.1 ads19.focalink.com
127.0.0.1 ads2.zdnet.com
127.0.0.1 ads20.focalink.com
127.0.0.1 ads21.focalink.com
127.0.0.1 ads22.focalink.com
127.0.0.1 ads23.focalink.com
127.0.0.1 ads24.focalink.com
127.0.0.1 ads25.focalink.com
127.0.0.1 ads3.zdnet.com
127.0.0.1 ads3.zdnet.com
127.0.0.1 ads5.gamecity.net
127.0.0.1 adserv.iafrica.com
127.0.0.1 adserv.quality-channel.de
127.0.0.1 adserver.dbusiness.com
127.0.0.1 adserver.garden.com
127.0.0.1 adserver.janes.com
127.0.0.1 adserver.merc.com
127.0.0.1 adserver.monster.com
127.0.0.1 adserver.track-star.com
127.0.0.1 adserver1.ogilvy-interactive.de
127.0.0.1 adtegrity.spinbox.net
127.0.0.1 antfarm-ad.flycast.com
127.0.0.1 au.ads.link4ads.com
127.0.0.1 banner.media-system.de
127.0.0.1 banner.orb.net
127.0.0.1 banner.relcom.ru
127.0.0.1 banners.easydns.com
127.0.0.1 banners.looksmart.com
127.0.0.1 banners.wunderground.com
127.0.0.1 barnesandnoble.bfast.com
127.0.0.1 beseenad.looksmart.com
127.0.0.1 bizad.nikkeibp.co.jp
127.0.0.1 bn.bfast.com
127.0.0.1 c3.xxxcounter.com
127.0.0.1 califia.imaginemedia.com
127.0.0.1 cds.mediaplex.com
127.0.0.1 click.avenuea.com
127.0.0.1 click.go2net.com
127.0.0.1 click.linksynergy.com
127.0.0.1 cookies.cmpnet.com
127.0.0.1 cornflakes.pathfinder.com
127.0.0.1 counter.hitbox.com
127.0.0.1 crux.songline.com
127.0.0.1 erie.smartage.com
127.0.0.1 etad.telegraph.co.uk
127.0.0.1 fp.valueclick.com
127.0.0.1 gadgeteer.pdamart.com
127.0.0.1 gm.preferences.com
127.0.0.1 gp.dejanews.com
127.0.0.1 hg1.hitbox.com
127.0.0.1 image.click2net.com
127.0.0.1 image.eimg.com
127.0.0.1 images2.nytimes.com
127.0.0.1 jobkeys.ngadcenter.net
127.0.0.1 kansas.valueclick.com
127.0.0.1 leader.linkexchange.com
127.0.0.1 liquidad.narrowcastmedia.com
127.0.0.1 ln.doubleclick.net
127.0.0.1 m.doubleclick.net
127.0.0.1 macaddictads.snv.futurenet.com
127.0.0.1 maximumpcads.imaginemedia.com
127.0.0.1 media.preferences.com
127.0.0.1 mercury.rmuk.co.uk
127.0.0.1 mojofarm.sjc.mediaplex.com
127.0.0.1 nbc.adbureau.net
127.0.0.1 newads.cmpnet.com
127.0.0.1 ng3.ads.warnerbros.com
127.0.0.1 ngads.smartage.com
127.0.0.1 nsads.hotwired.com
127.0.0.1 ntbanner.digitalriver.com
127.0.0.1 ph-ad05.focalink.com
127.0.0.1 ph-ad07.focalink.com
127.0.0.1 ph-ad16.focalink.com
127.0.0.1 ph-ad17.focalink.com
127.0.0.1 ph-ad18.focalink.com
127.0.0.1 rd.yahoo.com
127.0.0.1 realads.realmedia.com
127.0.0.1 redherring.ngadcenter.net
127.0.0.1 redirect.click2net.com
127.0.0.1 regio.adlink.de
127.0.0.1 retaildirect.realmedia.com
127.0.0.1 s2.focalink.com
127.0.0.1 sh4sure-images.adbureau.net
127.0.0.1 spin.spinbox.net
127.0.0.1 static.admaximize.com
127.0.0.1 stats.superstats.com
127.0.0.1 sview.avenuea.com
127.0.0.1 thinknyc.eu-adcenter.net
127.0.0.1 tracker.clicktrade.com
127.0.0.1 tsms-ad.tsms.com
127.0.0.1 v0.extreme-dm.com
127.0.0.1 v1.extreme-dm.com
127.0.0.1 van.ads.link4ads.com
127.0.0.1 view.accendo.com
127.0.0.1 view.avenuea.com
127.0.0.1 w113.hitbox.com
127.0.0.1 w25.hitbox.com
127.0.0.1 cdn.fastclick.net
127.0.0.1 web2.deja.com
127.0.0.1 webads.bizservers.com
127.0.0.1 www.PostMasterBannerNet.com
127.0.0.1 www.ad-up.com
127.0.0.1 www.admex.com
127.0.0.1 www.alladvantage.com
127.0.0.1 www.burstnet.com
127.0.0.1 www.commission-junction.com
127.0.0.1 www.eads.com
127.0.0.1 www.freestats.com
127.0.0.1 www.imaginemedia.com
127.0.0.1 www.netdirect.nl
127.0.0.1 www.oneandonlynetwork.com
127.0.0.1 www.targetshop.com
127.0.0.1 www.teknosurf2.com
127.0.0.1 www.teknosurf3.com
127.0.0.1 www.valueclick.com
127.0.0.1 www.websitefinancing.com
127.0.0.1 www2.burstnet.com
127.0.0.1 www4.trix.net
127.0.0.1 www80.valueclick.com
127.0.0.1 z.extreme-dm.com
127.0.0.1 z0.extreme-dm.com
127.0.0.1 z1.extreme-dm.com

# Mike's NEWIN...
127.0.0.1 z1.adserver.com
127.0.0.1 adsremote.scripps.com
127.0.0.1 google.ads.com
127.0.0.1 a1040.g.akamai.net
127.0.0.1 a692.g.akamai.net
127.0.0.1 clickit.go2net.com
127.0.0.1 switch.atdmt.com
127.0.0.1 st.sageanalyst.net
127.0.0.1 opera1-servedby.advertising.com
127.0.0.1 opera2-servedby.advertising.com
127.0.0.1 opera3-servedby.advertising.com
127.0.0.1 opera4-servedby.advertising.com
127.0.0.1 opera5-servedby.advertising.com
127.0.0.1 pagead1.googlesyndication.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 pagead3.googlesyndication.com
127.0.0.1 pagead4.googlesyndication.com
127.0.0.1 pagead5.googlesyndication.com
127.0.0.1 ins1.opera.com
127.0.0.1 ins2.opera.com
127.0.0.1 ins3.opera.com
127.0.0.1 ins4.opera.com
127.0.0.1 ins5.opera.com
127.0.0.1 ads.nola.com
127.0.0.1 ads.wnd.com
127.0.0.1 ads.advance.net
127.0.0.1 ads1.udc.advance.net
127.0.0.1 ads2.udc.advance.net
127.0.0.1 ads3.udc.advance.net
127.0.0.1 cdn.fastclick.net
127.0.0.1 media.fastclick.net
127.0.0.1 a.tribalfusion.com
127.0.0.1 us.js1.yming.com
127.0.0.1 us.js1.yimg.com
127.0.0.1 av.rds.yahoo.com
127.0.0.1 stats.hitbox.com
127.0.0.1 banners.copyscape.com
127.0.0.1 lapi.ebay.com
127.0.0.1 impgb.tradedoubler.com
127.0.0.1 network-clue.com
127.0.0.1 adserv1.diyonline.com
127.0.0.1 adserver.adtech.de
127.0.0.1 talkback.mozilla.org
127.0.0.1 fullcirclesoftware.com


As you can imagine, Spam/ad server admins know damn well
there are people doing this trick, and so will tend to keep
using new server addresses. The obvious ones are easy to
spot and add to your list though.

Hope this answered your question? :)



Mike@xxxx
--
----
* MikesBrain+WebStuff @ http://tinyurl.com/5ayqt
- Schauen Sie immer auf der hellen Seite des Lebens! :)
.

Relevant Pages

  • Re: DMZ and AD
    ... and Exchange hosts assuming that the problem of IPSec tunnels to ... Exchange clusters is now recommended) with the intent of requiring fewer ... allow the FE server the communications with the Exchange and Active ...
    (microsoft.public.windows.server.active_directory)
  • Re: Solaris NIS server and Linux NIS client : problems
    ... Changed nsswitch.conf for hosts values. ... hosts: nis dns files ... Sep 2 09:59:57 spock ypbind: bound to NIS server odin. ... Can't get map list for domain. ...
    (comp.os.linux.networking)
  • Re: Solaris NIS server and Linux NIS client : problems
    ... Changed nsswitch.conf for hosts values. ... hosts: nis dns files ... Sep 2 09:59:57 spock ypbind: bound to NIS server odin. ... Can't get map list for domain. ...
    (comp.unix.solaris)
  • Re: Is my server hijacked or is it spammed
    ... Only authenticated hosts can relay through our server, ... would seem the spammer actually managed to authenticate. ...
    (microsoft.public.exchange.admin)
  • Re: RWW basic question !!
    ... Go to www.internic.net and do a whois lookup of your domain name to see ... Advanced Windows Small Business Server 2003 Best Practices ... determine who hosts your DNS records. ... internet connection. ...
    (microsoft.public.windows.server.sbs)