Pink Poogle Toy Forum

The official community of Pink Poogle Toy
Main Site
NeoDex
It is currently Wed Nov 20, 2024 3:33 am

All times are UTC




Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 47 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
 Post subject:
PostPosted: Sun Sep 10, 2006 1:19 am 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
Cranberry, is this akin to using something like Privoxy/Tor and other things? I can see how that could be useful but find such a bit burdensome and 'overprotective' in most cases.

Specifically, to access the Internet at all, one must have the 're-routing' application running first. A great filter, but a bit overly-paranoid, in my personal opinion (though I could be overly-naive). :oops: Or more willing to take 'risks' as I am not particularly scared of such. o_O

One thing is for sure, I have been computing since before spyware/adware/malware/viruses/trojans existed and been protecting myself ever since. The main problem seems with this 'useless' ActiveX (only required by the beloved Trident engine, at least beloved by some). :P

If the Java exploit might be a concern for other browsers, as allnameswereout suggested, then that is a grand concern, in my opinion.

Most systems/browsers have or use Java and/or JScript. What does this mean for them? For us all? Neopets requires JS for even popping up games and Items to feed our pets. If I can't feed my pets, Neopets is moot or dead to me. They need to fix this or risk all they built so far.


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 4:11 am 
Beyond Godly
Beyond Godly
User avatar

Posts: 2743
Joined: Mon May 31, 2004 3:55 pm
Location: PEI, Canada
Gender: Female
No, I don't think the HOSTS file is anything like those. There's nothing you have to load up before starting up your browser, no program or anything. It's just a text file on your computer, and when a webpage wants to display an ad, the computer tricks it into thinking the ad is in that text file instead of out there on the Internet. Or something. That's simplifying it a lot (I'm no computer science major ;)), but it's like... you don't have to ever think about it aside from updating it every few weeks or so.


Image


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 4:31 am 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
That sounds more like the simple CSS file on my computer to block the main neopets top banner ad. I am no computer science major either lol but I think what you are referring to does need an application to run it and does need to be run first before the browser is able to access any or all of the Internet (basically like setting up a Proxy which most users won't know how to do).

It is a privacy application and can be useful, but impractical for most users.

And I should hope unnecessary for any user (of any age) to learn to use such just to be playing an online game that has existed for over 6 years. :roll:

After all, Neopets is still a game site for kids (and others) and not a course in advanced computing and Internet security. :P

EDIT: My virtual pets are on a hunger strike because of all this. Sad, huh?


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 9:08 am 
PPT Toddler
PPT Toddler

Posts: 117
Joined: Fri Oct 28, 2005 6:13 am
The hosts file is a nice hack (in the good sense of the word; not the malicious one) allowing one to block trillions of hostile websites. Malware, adware, ads, etcetera. It has a few disadvantages, one of them that when you run a local webserver on 127.0.0.1 your browser will access it every time you use your hosts file to block ads (and that happens a lot) -- for most Neopets players that is of no concern though.

I'm using Peerguardian (on BSD) for this purpose using dynamic firewalling. Peerguardian has certain groups such as ads, government, P2P, etcetera which you can block. Its basically a simple firewall (ruleset). It is available for the popular desktop OSes (Windows, MacOSX, Linux, *BSD).

Privoxy is a "filtering" proxy protecting private data from your browswer. It runs local on your computer can do something similar to this (and much more). Tor is an anonymizer you don't need that to play Neopets. In fact, you do not want to use an anonymizer network to send data containing passwords (your Neopets login) since one of the endnodes may sniff it. Don't use Tor for such purposes its not suitable. The same is true for a proxy except that such is usually not anonymous at all, or at best only anonymous for protecting against the website knowing who you are (Tor is useful against sniffing governments, RIAA, etcetera, as well) so using a proxy the person who runs it can get your Neopets cookie/password. Do you know them? Trust them? So neither Tor nor a proxy is useful for this purpose. Ofcourse, Privoxy runs on your computer and you trust yourself (so does Tor but it uses an anonymizing P2P network with extensive routing and encryption).

This all has nothing to do with CSS. Although one could use CSS to block ads as well (Greasemonkey for FF there is sth like that for IE as well i forgot the name. GreasemonkIEperhaps? Could be various versions).

The most simple way is IMO either the hosts file way (although not cleanest) or PG (PeerGuardian). PeerGuardian also allows you to block malicious people on P2P network such as people who use P2P from RIAA IPs (why would they do that? ;) ). Privoxy and Greasemonkey are a bit harder to get set up but would do the job too.

I'm not a CS major either. CS major says nothing about computer security at all. Usually, its rather people who know their OS well such as (some) programmers or people who secure computers for a living who know about security. A programmer may have a CS degree, or not. There are some who claim to know so much about computer security but are essentially clueless (hello Steve Gibson!).

Hope that was useful to someone...

PS: Anjuna, ActiveX is very useful for Trident-based browsers as it allows one to use plugins in a Trident-based browser. Plugins such as Java, Flash, Shockwave, Quicktime, Acrobat Reader, etcetera. Now, if you don't need those plugins, you can disable ActiveX indeed, but you basically do need Flash to play Neopets. Also, some settings may be changed to make ActiveX slightly more secure.


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 3:55 pm 
Beyond Godly
Beyond Godly
User avatar

Posts: 2743
Joined: Mon May 31, 2004 3:55 pm
Location: PEI, Canada
Gender: Female
anjuna wrote:
That sounds more like the simple CSS file on my computer to block the main neopets top banner ad. I am no computer science major either lol but I think what you are referring to does need an application to run it and does need to be run first before the browser is able to access any or all of the Internet (basically like setting up a Proxy which most users won't know how to do).

It is a privacy application and can be useful, but impractical for most users.


No, it doesn't need any kind of application to load up before the Internet. I use a HOSTS file and it's just... there. If I use hijack this, there's no entry. It's just a file in the Windows folder. It's a very simple way to add some extra security (it shouldn't take the place of virus protection, but it can work with it to block tons and tons of bad sites -- not to mention the annoying flashing ads themselves). The webpage I linked explains it pretty simply; you should read that.

See, I'm not a computery person at all; I didn't even know that CS majors might not know about security. ;) I can keep my computer pretty safe and fix it if it gets a problem, and that's about it. No programming or anything for me!


Image


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 5:44 pm 
PPT Toddler
PPT Toddler
User avatar

Posts: 105
Joined: Sat Jun 03, 2006 11:56 am
Location: On The Edge Of Insanity
Thank you! Anjuna, Cranberry and Allnameswereout. I have found all of your comments and links quite helpful. :)




Edited to say: Oooh! Look at the precious. I just noticed, and am now officially welcoming myself to Stardom.


It's just a game, it's just a game, it's just a game, it's just a ga....Yeah, you keep telling yourself that.


Top
 Profile  
 
 Post subject: Virus in Neopets FastClick Ad
PostPosted: Sun Sep 10, 2006 10:39 pm 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
Awesome, Cranberry! :hug:

I even added some names to the HOSTS file from your link after viewing my Temporary Internet Files folder while browsing Neopets only. I will list what I added so far, and if many more come up I might edit this post.

Quote:
# [Neopets Ads]
127.0.0.1 servedby.advertising.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 anrtx.tacoda.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 network.realmedia.com
127.0.0.1 rmd.atdmt.com
127.0.0.1 a.tribalfusion.com
127.0.0.1 m1.2mdn.net
127.0.0.1 an.tacoda.net
127.0.0.1 t.pointroll.com
127.0.0.1 media.fastclick.net #[adrun]
127.0.0.1 searchplain.com
127.0.0.1 tag.context.web
127.0.0.1 us.a2.yimg.com
127.0.0.1 view.atdmt.com
127.0.0.1 media.adrevolver.com


I then came up with a successful search on the question we all wonder most: Is this caused by an ad in Neopets.com? And the answer is .. drumroll .. YES! Sadly. But glad to have finally found this out. Sigh.

Specifically a FastClick ad, most likely an Xbox ad. :roll:

You can read about it here:

fatale wrote:
There's a virus/spyware being served from one of FastClick/ValueClicky ad campaigns.

The actual exploit/virus is being detected in the following file:
_http://64.34.181.44 /adrun/exp.wmf

Which tries to load a number of different files that try to exploit various Windows vulnerabilities:
_http://64.34.181.44 /adrun/c.html
_http://64.34.181.44 /adrun/index2.html
_http://64.34.166.182 /webnetcounters/pps.html
_http://64.34.181.44 /adrun/in.html
_http://64.34.166.182 /webnetcounters/pl_load.js
_http://64.34.181.44 /adrun/ct.html

The IP addresses above all resolve to searchplain.com servers.

Needless to say I removed all FastClick banners from our site until this can be resolved.

I found the ad campaign that seems to be responsible for this -- it's titled "Emanace - Free Xbox". I was taking a closer look at all 468x60 campaigns and noticed that one of them wasn't clickable. Very odd, I thought -- who ever heard of a banner advertiser not interested in users clicking on their ad?? When I right-clicked on the picture in the ad to get the location of where it is served from, I saw something very familiar:
_http://www.searchplain.com /ADSAdClient37/GetAd /J43/TF=_NEW/1011/SC=LG/LOC=R /ID=0006BFFD968BB8AD/

I guess they are using the referer string to load a clean ad when viewed in the FastClick publisher interface and a virus carrying version for the rest of websites.


(Links broken for a reason. Do not attempt explore the above, for safety's sake.)

My evidence (from Temporary Internet Files):
Image

EDIT: Bah, ImageShack hates me too. Rather I suspect I am not doing something right. Anyway here is a direct link to the real sized image but a bit too large to post on the forum. Sorries.

In summary, I advise all users to block fastclick ads in specific, however they can. Cranberry's suggestion of a HOSTS file and adding to it seems like something any user can do quite easily. Now to just pray to the meepits that TNT takes notice, cares, and removes the ad completely!


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Last edited by anjuna on Mon Sep 11, 2006 12:19 am, edited 4 times in total.

Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 11:27 pm 
Newbie
Newbie

Posts: 8
Joined: Wed Aug 09, 2006 4:08 am
i use FF with Adblock and i dotn viruses from it


Moo


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 11:43 pm 
Way Beyond Godly
Way Beyond Godly
User avatar

Posts: 8891
Joined: Sat Apr 22, 2006 2:32 pm
Location: Georgia
Gender: Female
I followed Cranberry's advice, but the website she linked to warned that it can slow down Win 2000 and XP computers; it's definitely slowing mine down (I have XP), though it's only really bad when an ad is being blocked on Neopets. If I were a restocker, the HOSTS fix wouldn't work so well for me. But since I stink at restocking, I'll keep it until Neopets can get itself fixed.


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 10, 2006 11:46 pm 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
sx6deep2k2: I know. Firefox and Orca use the Gecko engine so do not use ActiveX. Please read through the rest of the thread. This has been addressed.

Block all the other ads you want, great. I am pointing out FastClick's virus to protect the 70%-80% market share that represents IE/other users. ;)

Siniri: I used the exact same HOSTS file Cranberry linked to, added the extras I listed above and everything on neopets loads super-fast now. (And I also have XP with SP2 but absolutely nothing "updated" tee hee.)

Possibly reboot your computer and/or check for other infections. Or find a HOSTS file that uses 0.0.0.0 instead of 127.0.0.1 which is claimed to be faster, but I found that slowed me more (although the file was very large).

And, why would a HOSTS file interfere with restocking? o_O


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Last edited by anjuna on Mon Sep 11, 2006 12:13 am, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Mon Sep 11, 2006 12:05 am 
Way Beyond Godly
Way Beyond Godly
User avatar

Posts: 8891
Joined: Sat Apr 22, 2006 2:32 pm
Location: Georgia
Gender: Female
Quote:
Siniri: I used the exact same HOST file Cranberry linked to, added the extras I listed above and everything on neopets loads super-fast now. (And I also have XP with SP2 but absolutely nothing "updated" tee hee.)

Possibly reboot your computer and/or check for other infections. Or find a HOST file that uses 0.0.0.0 instead of 127.0.0.1 which is claimed to be faster, but I found that slowed me more (although the file was very large).

And, why would a HOST file interfere with restocking? o_O


My computer's clean; I have a very redundant antivirus system. I bought a relatively small (RAM, harddrive space) computer to begin with. It's not perceptibly slower unless I'm running a ton of things at once (I'm a multitasker), but Neopets pages do seem to load slowly. But that happened before the HOST file sometimes, too, so maybe it's just Neopets being slow. It's not unbearably slow, but if I were restocking the good stuff would be gone by the time the page finished loading. But maybe that has nothing to do with the HOST -- I posted the message after dinner, having tried playing Neopets before dinner and it being very slow (5-10 sec for a page to load) then. But I just went back on and it's loading a little faster now (though there's still a 3-sec lag for a page to load with DSL)... I guess I should have double-checked how it was loading now before posting earlier. Sorry.


Top
 Profile  
 
 Post subject:
PostPosted: Mon Sep 11, 2006 12:06 am 
Beyond Godly
Beyond Godly
User avatar

Posts: 2743
Joined: Mon May 31, 2004 3:55 pm
Location: PEI, Canada
Gender: Female
There is a workaround you can try if it slows down your computer (it's on the page); maybe it'd be faster if you tried that. I haven't had any problems, so I'm afraid I can't give any more help than that. :)


Image


Top
 Profile  
 
 Post subject:
PostPosted: Mon Sep 11, 2006 12:11 am 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
Siniri: You could also just try using a smaller HOSTS file overall, though less ads will be blocked. Maybe make a backup of your original HOSTS file (keep it somewhere safe, unaltered) then copy that to somewhere temporary and convenient (rename to .txt to edit in Notepad) and add to it just the main neopets ones listed above? Then un-rename it back and replace in your 'etc' folder (after renaming your original in that directory to .old or .bak of course)? Just an idea for a smaller, slower computer. Good luck finding a middle ground. :)


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Last edited by anjuna on Mon Sep 11, 2006 12:23 am, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Mon Sep 11, 2006 12:21 am 
Way Beyond Godly
Way Beyond Godly
User avatar

Posts: 8891
Joined: Sat Apr 22, 2006 2:32 pm
Location: Georgia
Gender: Female
Thanks for the suggestions, Cranberry and Anjuna. Really, it doesn't bother me that much -- I cruise e-mail, PPT and Neopets all at the same time, so I normally just go somewhere else while the page is loading. It has no effect on games. I just wanted to let other people know that it could slow their computer down if they've got a small system like mine. And now they know how to fix it, thanks to you guys (where I come from, that's a gender-neutral term). So thanks again.


Top
 Profile  
 
 Post subject:
PostPosted: Mon Sep 11, 2006 1:46 am 
PPT God
PPT God
User avatar

Posts: 1567
Joined: Sat Oct 08, 2005 8:41 am
Location: Denver, Colorado
Gender: Female
I am not sure how small and slow your computer is, but a German friend of mine is running a computer older than the sand his silicon is made of (lol) and tested the HOSTS file from Cranberry's link with my added few "Neopets only" ads and he claimed his computer loads Neopets pages about 3 times as fast (as a mark, even on DSL on his old/slow computer usually takes about "half a dozen" or 6 seconds in his words, and with the new HOSTS file a page loads in about 2 seconds! :D

EDIT: His computer is approximately 400 Mhz CPU with 192 MB RAM. 8) And still alive! :o Woot!

So, again if it is a persistant problem I am not sure exactly what it could be due to other than an even slower system, a different system, or simply too large a HOST file for your system. For instance if one does not view 'questionable' sites, they should have no need to block adware common to such, etc. so if it becomes a persistant problem, and you don't usually go anywhere other than Neopets.com and a few other secure places (to check your mail, PPT and so forth), you could simple take the original HOSTS file that comes with Windows (which includes nothing heh) and add the dozen or so I listed above common to Neopets only. That might help.


Inventor of the Mad Plumber Wizard

Main Account: anjuna
Side 1: thetan604
Side 2: unoriginal_sin
Side 3: mobofo
Side 4: anomalie


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 47 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 335 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group