Known Attack Site List
Yes, it's a pun (the acronym would be KASL... pronounce 'castle', as in the chess move often used to protect the King). We will keep the current 'known bad' site list here. DO NOT VISIT THESE SITES!!!!
A site gets on this list when it is the repeated 'destination' of defacement attacks. That the most common hacker attack works like this: They deface YOUR site, putting in code that pulls a trojan from another site, loading it into your visitor's browser. Result: the visitor's anti virus software will blame YOUR SITE for the bug.
Why post this list? Instructions at the bottom of this page will tell you how to use this list to protect YOUR computer from these attacks. If you know where the worst-of-the-worst sites are, and tell your computer not to go there, it gives you a little extra protection when surfing. This should be used in addition to traditional anti-virus programs with active scanning (not instead of).
Current known attack sites:
Use for this list
There is a file called a 'hosts' file on most personal computers (Max and Linux boxes have this as well). The file lets you trick the computer into never visiting the actual site.
Here's what to do:
Once this is done, any time you browse to a site hit with this
iframe, your computer will not be able to find the website, so you
won't get infected by it.
- From your desktop, click on "My computer", or right click on the
start button and hit 'explore'. This brings up your local file
explorer. (Note: Vista users: load a copy of notepad (run as administrator), pick 'open files', switch to 'all files view'... XP and older can use regular file explorer.)
- Navigate to : C:\Windows\system32\drivers\etc (note: you may
have to enable 'view system files', or disable 'hide system files' to
- You will see a small list of probably about 5 files. The important one for this discussion is "hosts" (no extension).
- Double click on the 'hosts' file. If windows asks you what program to use, select 'notepad'.
- At the bottom of the file, add the following line:
- (Note: There are often several spaces or a tab between the IP address and the domain.)
(Note: Put each attack site on a separate line, always starting with 127.0.0.1)
- Then pick file/save in notepad, and reboot your computer.
No, PayPal is not attacking you:
We've been getting reports of odd behavior with mail clients when looking at PayPal emails. Hangs, or multi-minute non-responses. The problem is the PayPal has a 'squeaker' image: one the reports back when you are viewing one of their emails (like payment notices, receipts, et cetera.). The problem is the link they are sending is broken.
They are putting in a 'squeaker' link that doesn't start with "http", so Outlook times out looking for a nonsense address.
I put this here, because you can use the same process to stop this on your computer. This is a 'work around', and you will edit the same 'hosts' file that you would for an attack site.
add: 127.0.0.1 102.112.2o7.net
So that the malformed 'squeaker' address resolves locally, and then the timeout stops. I've seen it work myself (richp).