WHAT "bad" websites?

Status
Not open for further replies.

CArceneau

Technical User
Feb 13, 2010
US
Please excuse my naïveté: exactly what types of websites am I supposed to steer clear of to avoid contracting malware infections?
 
The ones that inject bad code, which can lead to your PC being infected...

or where they try to get you to download a codec (which is a trojan/worm/rootkit) to view contents (video), e.g. some not all adult websites...



Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"
 
There are some that are bigger targets than others, in general. Sometimes, it's the folks running the sites, and sometimes the sites just get infected.

But there are some types that seem more commonly dangerous than others:
  • "Adult" Websites
  • Online Flash Game, Screensaver, Wallpaper sites
  • File Sharing related sites (P2P and similar/related)
  • Social Networking also is a big target, and oftentimes more vulnerable. I think that social networking sites are more vulnerable just in how they have to work in order to make things so easy for sharing. Kind of like at home - if you have an open sharing network between PCs, it's also easier to get cross-infected.
  • Anything, in general, which has lots of big flashing ads can be bad. Not always, but it's just easier for them to get infected.

--

"If to err is human, then I must be some kind of human!" -Me
 
While what you are saying is mostly true, this report suggests that 71% of the sites dealing malware aren't "dodgy sites themselves but ones that have been compromised."

I've seen several non-adult, non-video, non-P2P, non-"dodgy" sites lately that have been compromised.


James P. Cottingham
I'm number 1,229!
 
One part I find interesting is this:
SameWebLink said:
Other findings from the report showed a massive 95 per cent of user generated comments of blogs, forums and chatrooms were malicious or simply spam in the last six months and over 85 per cent of all emails were spam.

I understand that 85% of email being SPAM, and the 95% of SPAM, etc comment posts, etc, but I'd rather like to know how much of that actually reaches its destination. I think in contrast, it's more important to see how much is being effective - getting through the SPAM filters. Sure some, but nowhere near 85 or 95%. But maybe that's just me.

What I'm saying with that is that those types of statistics are actually counter-productive in regards to folks just browsing the web. If you take into account those SPAM/malicious comments and emails, and only count those that actually show on sites, I believe the statistics would be far different. And it's THOSE statistics that end up actually affecting people. If the SPAM doesn't get through to the reader/user, then it's ineffective, and frankly doesn't matter.

--

"If to err is human, then I must be some kind of human!" -Me
 
Not to hijack the thread, but a comment made me think of this. I created a throwaway email address called inbox@mydomain that I used to register for sites where I need to give them an email, but don't want to give them my good email address. Not surprisingly, from looking at (postfix's) mail.log this account gets a fair number of spam attempts. What is surprising is that virtually all of them are caught by postgrey. If they get through that, they will then need to get through spamassassin which utilizes rtbls and adaptive filtering. The end analysis has been that the effective 'spam rate' of what makes it to my inbox is very low, at a fraction of a percent.
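One way to measure the effect described in the post above from Postfix's mail.log, added here as an example and not part of the original post or that poster's setup: it counts the (client IP, sender, recipient) triplets that greylisting deferred for one address and how many of them ever retried and were delivered. The log lines are constructed, the addresses and hosts are placeholders, and delivery through postfix/virtual and exact-IP matching of retries are assumptions.

```python
import re

# Postfix smtpd line written when postgrey defers a first-time triplet.
GREY = re.compile(r"NOQUEUE: reject: RCPT from \S+\[(?P<ip>[^\]]+)\]: 45\d .*Greylisted"
                  r".*from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>")
# Lines that share a queue ID once a message has been accepted.
CLIENT = re.compile(r"postfix/smtpd\[\d+\]: (?P<qid>[0-9A-F]+): client=\S+\[(?P<ip>[^\]]+)\]")
FROM = re.compile(r"postfix/qmgr\[\d+\]: (?P<qid>[0-9A-F]+): from=<(?P<sender>[^>]*)>")
SENT = re.compile(r": (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>,.*status=sent")

def greylist_funnel(lines, rcpt):
    """For one recipient: what greylisting deferred and what came back."""
    deferred, delivered = set(), set()
    rejections, ip_of, sender_of = 0, {}, {}
    for line in lines:
        if (m := GREY.search(line)) and m["rcpt"].lower() == rcpt:
            rejections += 1
            deferred.add((m["ip"], m["sender"].lower(), rcpt))
        elif m := CLIENT.search(line):
            ip_of[m["qid"]] = m["ip"]
        elif m := FROM.search(line):
            sender_of[m["qid"]] = m["sender"].lower()
        elif (m := SENT.search(line)) and m["rcpt"].lower() == rcpt:
            # Join the delivery back to its client IP and sender via the queue ID.
            delivered.add((ip_of.get(m["qid"]), sender_of.get(m["qid"]), rcpt))
    retried = deferred & delivered  # exact-IP match (assumption, see lead-in)
    dropped = len(deferred - retried)
    return {"rejections": rejections, "deferred_triplets": len(deferred),
            "passed_after_retry": len(retried), "never_retried": dropped,
            "delivered_triplets": len(delivered),
            "dropped_share": dropped / len(deferred) if deferred else 0.0}

# Constructed sample lines (abbreviated); not taken from any real server.
G = ("Feb 13 10:0{n}:01 mail postfix/smtpd[811]: NOQUEUE: reject: RCPT from unknown[{ip}]: "
     "450 4.2.0 <{rcpt}>: Recipient address rejected: Greylisted; "
     "from=<{sender}> to=<{rcpt}> proto=ESMTP helo=<h>")
SAMPLE_LOG = [
    G.format(n=0, ip="203.0.113.5", sender="a@spam.example", rcpt="inbox@example.org"),
    G.format(n=1, ip="203.0.113.9", sender="b@spam.example", rcpt="inbox@example.org"),
    G.format(n=2, ip="203.0.113.77", sender="c@spam.example", rcpt="inbox@example.org"),
    G.format(n=3, ip="198.51.100.7", sender="news@shop.example", rcpt="inbox@example.org"),
    G.format(n=4, ip="203.0.113.5", sender="a@spam.example", rcpt="user@example.org"),
    "Feb 13 10:09:00 mail postfix/smtpd[812]: 4A1B2C3D4E: client=mx.shop.example[198.51.100.7]",
    "Feb 13 10:09:01 mail postfix/qmgr[900]: 4A1B2C3D4E: from=<news@shop.example>, size=2048, nrcpt=1 (queue active)",
    "Feb 13 10:09:02 mail postfix/virtual[905]: 4A1B2C3D4E: to=<inbox@example.org>, relay=virtual, delay=0.5, dsn=2.0.0, status=sent (delivered to maildir)",
]

if __name__ == "__main__":
    print(greylist_funnel(SAMPLE_LOG, "inbox@example.org"))
```

Messages counted under `passed_after_retry` are only the ones that got past greylisting; any content filter behind it still scores them, and that stage is not modelled here.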


 
So from the sound of things, Noway2, you use your own mail server at home - a Linux box, I'm guessing? Or are you able to run that on your desktop?

--

"If to err is human, then I must be some kind of human!" -Me
 
Yes, I run my own mail server out of my home, I have for almost a year now. You are also correct, this is running on a Linux box. Ubuntu 9.10 to be exact. Thankfully my ISP does not attempt to block port 25 (or the secure equivalents) and as long as you are tied to their (cable) network their SMTP server will accept and relay messages without additional authentication. The only reason I need to relay through them is that the IP is classified as a dynamic IP (static ones are not available with this provider) which gets me blacklisted as an originating SMTP unless it passes through a known one first.

I use a combination of Postfix as the MTA and Dovecot for the POP/IMAP component. I use MySQL to host multiple virtual domains and users with a combination of anti-spam and anti-virus programs. The level of control, especially over the security, that this provides is unequaled by my ISP's mail or a hotmail, etc. For example, I can ensure that all of my mail is transmitted over a TLS secured connection and I can fine tune the anti-spam measures as needed.
 
I'll hush after this one. The whole setting up of a Linux box as a server, router, etc has been intriguing to me. The main thing that's been keeping me from going that route has purely been concern about power usage vs a normal router. Also, if I used a dedicated box for that, I'd probably want to shut it off at least some evenings when hitting the hay.

So, with your mail server, I suppose you have to leave it running all the time, or else you don't get your mail, or do you initially get your mail through another provider, and just download and further filter it yourself?

--

"If to err is human, then I must be some kind of human!" -Me
 
Carceneau, I apologize again for diverting this thread, which wasn't my intention. The spam aside sent us off track.

I am re-directing this thread to one in the linux server forum where this will be on topic and we can feel free to discuss.


 
The moved discussion is here (for anyone following):
thread54-1591763

--

"If to err is human, then I must be some kind of human!" -Me
 