×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

WHAT "bad" websites?

WHAT "bad" websites?

WHAT "bad" websites?

(OP)
Please excuse my naïveté: exactly what types of websites am I supposed to steer clear of to avoid contracting malware infections?

RE: WHAT "bad" websites?

There are some that are bigger targets than others, in general.  Sometimes, it's the folks running the sites, and sometimes the sites just get infected.

But there are some types that seem more commonly dangerous than others:
  "Adult" Websites
  Online Flash Game, Screensaver, Wallpaper sites
  File Sharing related sites (P2P and similar/related)
  Social Networking also is a big target, and oftentimes more vulnerable.  I think that social networking sites are more vulnerable just in how they have to work in order to make things so easy for sharing.  Kind of like at home - if you have an open sharing network between PCs, it's also easier to get cross-infected.
  Anything, in general, which has lots of big flashing ads can be bad.  Not always, but it's just easier for them to get infected.

--

"If to err is human, then I must be some kind of human!" -Me

RE: WHAT "bad" websites?

While what you are saying in mostly true, this report suggests that 71% of the sites dealing malware aren't "dodgy sites themselves but ones that have been compromised."

I've seen several non-adult, non-video, non-P2P, non-"dodgy" sites lately that have been compromised.
  

James P. Cottingham
I'm number 1,229!
I'm number 1,229!

RE: WHAT "bad" websites?

One part I find interesting is this:

Quote (SameWebLink):

Other findings from the report showed a massive 95 per cent of user generated comments of blogs, forums and chatrooms were malicious or simply spam in the last six months and over 85 per cent of all emails were spam.

I understand that 85% of email being SPAM, and the 95 % of SPAM, etc comment posts, etc, but I'd rather like to know how much of that actually reaches its destination.  I think in contrast, it's more important to see how much is being effective - getting through the SPAM filters.  Sure some, but no where near 85 or 95 %.  But maybe that's just me.

What I'm saying with that is that those types of statistics are actually counter-productive in regards to folks just browsing the web.  If you take into account of those SPAM/malicious comments and emails, and only count those that actually show on sites, I believe the statistics would be far different.  And it's THOSE statistics that end up actually affecting people.  If the SPAM doesn't get through to the reader/user, then it's innefective, and frankly doesn't matter.

--

"If to err is human, then I must be some kind of human!" -Me

RE: WHAT "bad" websites?

Not to hijack the thread, but a comment made me think of this.  I created a throw away email address called inbox@mydomain that I used to register for sites where I need to give them an email, but don't want to give them my good email address.  Not surprisingly, from looking at (postfix's) mail.log this account gets a fair number of spam attempts.  What is surprising is that virtually all of them are caught by postgrey.  If they get through that, they will then need to get through spamassassin which utilizes rtbls and adaptive filtering.  The end analysis has been that the effective 'spam rate' of what makes it to my inbox is very low, at a fraction of a percent.


 

RE: WHAT "bad" websites?

So from the sound of things, Noway2, you use your own mail server at home - a Linux box, I'm guessing?  Or are you able to run that on your desktop?

--

"If to err is human, then I must be some kind of human!" -Me

RE: WHAT "bad" websites?

Yes, I run my own mail server out of my home, I have for almost a year now.  You are also correct, this is running on a Linux box. Ubuntu 9.10 to be exact.  Thankfully my ISP does not attempt to block port 25 (or the secure equivalents) and as long as you are tied to their (cable) network their smtp server will accept and relay messages without additonal authentication.  The only reason I need to relay through them is that the IP is classifed as a dynamic IP (static ones are not available with this provider) which gets me black listed as an originating SMTP unless it passes through a known one first.

I use a combination of Postfix as the MTA and Dovecot for the POP/Imap componet.  I use MySQL to host multiple virtual domains and users with a combination of anti-spam and anti-virus programs.  The level of control, especially over the security, that this provides is unequaled by my IPS's mail or a hotmail, etc.  For example, I can ensure that all of my mail is transmitted over a TLS secured connection and I can fine tune the anti-spam measures as needed.     

RE: WHAT "bad" websites?

I'll hush after this one.  The whole setting up of a Linux box as a server, router, etc has been intriguing to me.  The main thing that's been keeping me from going that route has purely been concern about power usage vs a normal router.  Also, if I used a dedicated box for that, I'd probably want to shut it off at least some evenings when hitting the hay.

So, with your mail server, I suppose you have to leave it running all the time, or else you don't get your mail, or do you initially get your mail through another provider, and just download and further filter it yourself?

--

"If to err is human, then I must be some kind of human!" -Me

RE: WHAT "bad" websites?

Carceneau,  I apologize again for diverting this thread, which wasn't my intention.  The spam aside sent us off track.

I am re-directing this thread to one in the linux server forum where this will be on topic and we can feel free to discuss.


 

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close