Im working through a ban list to stop any of my users downloading crap onto my machines like the smileycentral.com toolbar and stuff.

does anyone know some good 'advertising heavy' sites that I can use to collect ad-runner domains from?


BAH! I tell ya, the amount of time I spend taking spyware of peoples computers. fark. Id almost have time to read KB all day!

Is it possible to block downloading of all 'executable' code. We do that and have never had any problems. also disableing third-party brower extentions as part of group policy would probably be a good idea.

best of luck boss - just had a play on the old mans lappy, there was even spyware in his 1GB ram???? overall he had over 1.5 gb of spyware and other nasties.......and half of that was microsoft based bulltaco.
Cant u stop the spyware from hitting the server with a nasty software based firewalll. Also i saw some servers that do a 5 min shutdown every night, and each computer does a quick scan just before it shuts down. its was quite good cos it ment if u were on the night shift you got a 30 min smoko at 12.

I use dansguardian/squid to stop all downloads/windowsupdates/etc etc etc

I add norton update (or whatever antivirus is running around here) to my whitelist.

if people REALLY want to get stuff thru then I force them to zip and password it.
Dansguardian unpacks non passworded zips ;)

Try this hosts file:
http://www.mvps.org/winhelp2002/hosts.txt

Looks like it's updated regularly and it's by the MVPS.

I use dansguardian/squid to stop all downloads/windowsupdates/etc etc etc

I add norton update (or whatever antivirus is running around here) to my whitelist.

if people REALLY want to get stuff thru then I force them to zip and password it.
Dansguardian unpacks non passworded zips ;)

Yep. that's it. What he said. Don't let them download ANYTHING that isn't on a whitelist. Or connect to any site that isn't specified in your firewwall rules (make sure you remember to allow full access from your OWN IP of course).

Then they can come and ask if they want something. And show why there's a business case for it. or offer suitable bribes.

You need to read more BOFH.

u running firefox? ive been using mozilla (and netscape before mozilla in 99), for a while. And i really dislike IE.
My computer doesnt let half the crap it used to when i first got win95.

our servers never shut down. and our users ideally leave there workstations off at night.
but even with MS antispyware and adware and spybot and a few others. its often that I really just cant spend more than 2 hours removing stuff out of th registry manually because the anti-spywares wont get rid of it.

the 'no-executables' is a good idea. stop that crappy screensavers.com thing aswell. what was wrong with the good old SCR for fucks sake. mmmmm marquee.

bah. more people posted before I had finished writing that :)

the problem is we are pretty leniant. we allow pretty much anything (except email sites) so a whitelist is a no-go. the hosts file was also one my my idea's but the boss wants to keep it centralized (ISA server)

Im definately going to see what I can do about downloading executables. also bear in mind I cant change any of the software on my servers. not in a position to do so at the moment


edit: no Im not moving 300 users to mozilla. I know its better but I would like to get some sleep at night. (for 1 our intranet hates it)

bah. more people posted before I had finished writing that :)

the problem is we are pretty leniant. we allow pretty much anything (except email sites) so a whitelist is a no-go. the hosts file was also one my my idea's but the boss wants to keep it centralized (ISA server)

Im definately going to see what I can do about downloading executables. also bear in mind I cant change any of the software on my servers. not in a position to do so at the moment


edit: no Im not moving 300 users to mozilla. I know its better but I would like to get some sleep at night. (for 1 our intranet hates it)

Rather than using a host file why not add the entries to your DNS master, you’ll only need to do this once. Also, Microsoft have some recommended corporate lock down settings, It'll be worth your while checking these and going through these with your boss. Mozillia does help in some cases, but it's still has issues of its own.
Could be worth setting up a company internet proxy server, it's a good way of controlling where the users can't / shouldn't go. 300 users with unrestricted access sounds like a support nightmare!

Rather than using a host file why not add the entries to your DNS master, you’ll only need to do this once. Also, Microsoft have some recommended corporate lock down settings, It'll be worth your while checking these and going through these with your boss. Mozillia does help in some cases, but it's still has issues of its own.
Could be worth setting up a company internet proxy server, it's a good way of controlling where the users can't / shouldn't go. 300 users with unrestricted access sounds like a support nightmare!

YEAH MAN WE *cough,. sorry caps. yeah man we run an ISA proxy server. thats what im using to block domains and ip's etc.

but it runs other stuff so getting onto it and doing stuff is slow as shit. about 85% cpu usage at all times.

I blocked
*.smileycentral.com
*.doubleclick.net (.com)
*.imgfarm.com
*.advertising.com

and some other one I forgot.

those are proberly are biggest 5 (exluding the one I forgot) that we get

its a pity we dont look at more internet logs

At our site we run websense... makes it harder to download programs than to get porn but hey, it kills the friggen advertising. Worth talking to someone at your work who can shell out the $$ for it. Highly reccomended.

Ffox is good but I can see why you don't want it, mabey wait a little for it to be refined more. Or there is some extension out there that can help.
In IE disable all the cookies and crap like that, take out activeX and Java etc etc you know the drill. As a LAST resort install 'teatimer' which comes with spybot (don't forget to immunise) and set teatimer up to automatically disallow any changes to the registry. Dunno how winoze will like it but :whocares: .....

The windows permissions/corporate lockdown already said could help for the installation of stuff but it wont stop the nasties getting in, especially when micro$oft buys out Gator tech and takes it off the Antispyware definitions :mad:

Good luck fellow spyware hunter.

At our site we run websense... makes it harder to download programs than to get porn but hey, it kills the friggen advertising. Worth talking to someone at your work who can shell out the $$ for it. Highly reccomended.

Ffox is good but I can see why you don't want it, mabey wait a little for it to be refined more. Or there is some extension out there that can help.
In IE disable all the cookies and crap like that, take out activeX and Java etc etc you know the drill. As a LAST resort install 'teatimer' which comes with spybot (don't forget to immunise) and set teatimer up to automatically disallow any changes to the registry. Dunno how winoze will like it but :whocares: .....

The windows permissions/corporate lockdown already said could help for the installation of stuff but it wont stop the nasties getting in, especially when micro$oft buys out Gator tech and takes it off the Antispyware definitions :mad:

Good luck fellow spyware hunter.


I use Teatimer. Is good, doesn't upset windows, but might be a problem if you allow the lusers to install stuff. Not that you should, lock 'em down tight.