Post by FromTheRaftersJust out of idle curiosity, do you use the hosts file for filtering
out known adware/spyware domain names?
If you use the MSMVP HOSTS file, along with Ad-Block+ and Ghostery
in FF, you'll rarely see any ads.
The bonus of the HOSTS file is that pages load much faster when they
don't have to resolve all the ads, the ad-servers all are told to
goto localhost (which results in a 404).
There has been a somewhat large increase over the past few years in the
number of ad-serving and web-tracking / web-metrics companies offering
services to site and server-farm owners/operators. There are lots of
people spending time imagining new business models that revolve around
how to come up with new ways to leverage the click-behavior of internet
users as they navigate between sites, visit or post to social media
sites, and perform e-commerce transactions. Once they have a new
concept ironed out, they form a startup business, write back-end
software and set up servers to perform the intended service, and pitch
the service to site owners.
Site or domain owners seem to have no end to an appetite to pay for and
integrate these third-party services into their web content.
By hooking into these services, new vulnerabilities are created for
hackers to infiltrate the servers of these companies and inject
malicious code or monitor valuable transaction data (personal info,
credit-card numbers, etc). For end users, these companies and the
servers they operate are a garbage or a parasitic drain on your
web-surfing experience - and can be much worse if they happen to be
serving you malware because they've been hacked into.
If you browse to any of the popular pseudo-journalistic websites
(gizmodo, cnet/zdnet, arstechnica, engadget, etc) what you don't see are
the behind-the-scenes linkages to these various ad-serving and
web-metrics services. If you had a look at the out-going log of your
broadband modem or router you would see just where or who your browser
is sending data to for any given website you browse to.
As we are seeing more and more often, nullifying the ability of your
browser to make contact with those parasitic servers will do more than
just result in a smoother and faster site-surfing experience - it will
close a vulnerability window that can expose your PC to malware. The
beauty here is that these parasitic servers operate from fixed domains
or IP addresses that rarely change.
Here's an example of some entries in my own hosts file that I've added
manually after observing their existence as a result of my own
web-surfing and file-downloading:
127.0.0.1 2o7.net
127.0.0.1 aa.newsblock.dt07.net
127.0.0.1 ad.amgdgt.com
127.0.0.1 ad4game.com
127.0.0.1 adbureau.net
127.0.0.1 addthis.com
127.0.0.1 addthiscdn.com
127.0.0.1 ad-emea.doubleclick.net
127.0.0.1 ad-g.doubleclick.net
127.0.0.1 adgardener.com
127.0.0.1 ads.ad4game.com
127.0.0.1 ads.crowda.com
127.0.0.1 ads.fulldls.com
127.0.0.1 ads.hulu.com
127.0.0.1 ak1.abmr.net
127.0.0.1 algebra.com
127.0.0.1 allslotscasino.com
127.0.0.1 allyoubet.com
127.0.0.1 amazonaws.com
127.0.0.1 amgdgt.com
127.0.0.1 an.tacoda.net
127.0.0.1 api.facebook.com
127.0.0.1 api.tweetmeme.com
127.0.0.1 api-read.facebook.com
127.0.0.1 as5000.com
127.0.0.1 asterpix.com
127.0.0.1 b.scorecardresearch.com
127.0.0.1 b.scorecardresearch.com
127.0.0.1 beacon.scorecardresearch.com
127.0.0.1 cache-01.gawkerassets.com
127.0.0.1 cache-02.gawkerassets.com
127.0.0.1 cache-03.gawkerassets.com
127.0.0.1 cache-04.gawkerassets.com
127.0.0.1 cdn.krxd.net
127.0.0.1 cgi.gstatic.com
127.0.0.1 chartbeat.net
127.0.0.1 clients1.google.ca
127.0.0.1 cm.g.doubleclick.net
127.0.0.1 com.com
127.0.0.1 com-net.info
127.0.0.1 crowda.com
127.0.0.1 cspix.media6degrees.com
127.0.0.1 digg.com
127.0.0.1 dmgt.grapeshot.co.uk
127.0.0.1 doubleclick.net
127.0.0.1 dt07.net
127.0.0.1 edge.quantserve.com
127.0.0.1 egba.eu
127.0.0.1 eproof.com
127.0.0.1 error.facebook.com
127.0.0.1 facebook.com
127.0.0.1 feeds.feedburner.com
127.0.0.1 flickr.com
127.0.0.1 fulldls.com
127.0.0.1 gamblingcontrol.org
127.0.0.1 gamblingtherapy.org
127.0.0.1 gawkerassets.com
127.0.0.1 gfxworld.ws
127.0.0.1 googleads.g.doubleclick.net
127.0.0.1 googlesyndication.com
127.0.0.1 gotomyprotectedzone.com
127.0.0.1 gra.gi
127.0.0.1 grapeshot.co.uk
127.0.0.1 gravatar.com
127.0.0.1 i.i.com.com
127.0.0.1 idgenterprise.112.2o7.net
127.0.0.1 imageshack.us
127.0.0.1 imgn.dt07.net
127.0.0.1 imrworldwide.com
127.0.0.1 instant.allslotscasino.com
127.0.0.1 jsn.dt07.net
127.0.0.1 jwtapps.com
127.0.0.1 keisu02.eproof.com
127.0.0.1 krxd.net
127.0.0.1 lightningcast.com
127.0.0.1 limestee.net
127.0.0.1 map.media6degrees.com
127.0.0.1 media6degrees.com
127.0.0.1 metrics.reedbusiness.net
127.0.0.1 mgid.com
127.0.0.1 mundofox.com
127.0.0.1 nctracking.com
127.0.0.1 objects.mundofox.com
127.0.0.1 oc.allyoubet.com
127.0.0.1 omaha.adbureau.net
127.0.0.1 onlinesecurescan.com
127.0.0.1 p.ic.tynt.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 partyaccount.com
127.0.0.1 partygaming.com
127.0.0.1 partypartners.com
127.0.0.1 partypoker.com
127.0.0.1 pgmediaserve.com
127.0.0.1 pixel.quantserve.com
127.0.0.1 platinumgmat.com
127.0.0.1 quantserve.com
127.0.0.1 reddit.com
127.0.0.1 reedbusiness.net
127.0.0.1 scorecardresearch.com
127.0.0.1 secure.partyaccount.com
127.0.0.1 server1.as5000.com
127.0.0.1 server2.as5000.com
127.0.0.1 static.addtoany.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 static.travelscream.com
127.0.0.1 statse.webtrendslive.com
127.0.0.1 t0.gstatic.com
127.0.0.1 tacoda.net
127.0.0.1 tcr.tynt.com
127.0.0.1 theshoppingchannel.com
127.0.0.1 tqn.com
127.0.0.1 traffz.com
127.0.0.1 travelscream.com
127.0.0.1 tweetmeme.com
127.0.0.1 twitter.com
127.0.0.1 tynt.com
127.0.0.1 unvisitedplaces.com
127.0.0.1 viperhost.net
127.0.0.1 w.ic.tynt.com
127.0.0.1 webtrendslive.com
127.0.0.1 weeklyprizewinner.com-net.info
127.0.0.1 windows-protectonline.net
127.0.0.1 www.addthis.com
127.0.0.1 www.allyoubet.com
127.0.0.1 www.facebook.com
127.0.0.1 www.gravatar.com
127.0.0.1 www.israbox.com
127.0.0.1 www.miliwoman.com
127.0.0.1 www.partypoker.com
127.0.0.1 www.reddit.com
127.0.0.1 www.traffz.com
127.0.0.1 www.weeklyprizewinner.com-net.info
127.0.0.1 yfum.com
127.0.0.1 youtube-3rd-party.com
127.0.0.1 zulu.tweetmeme.com