Do you know if anyone has compiled a list of the malware sites? I would like to put it into my SonicWall policies.
Jon | Homepage | 11.07.07 - 12:52 pm | #

Hi Jon,

for Mac aware DNSChanger domains please refer to my blog:

http://peki.blogspot.com/search/...earch/label/ Mac

In my opinion it would be easier to block the whole Cernel net range: 64.28.176.0/20

The rogue DNS servers all seems come from the Inhoster net range: 85.255.112.0/20

Blocking both ranges should not harm your surfing in any matter

PS: Me also blocks Intercage, RBusiness Network, ... at my router at home. Just to feel more comfortable *hehe*
Me | Homepage | 11.07.07 - 3:57 pm | #

Man. We're so used to these fake codecs and rogue antimalware programs, you'd think they'd come up with something new.
Mark | 11.07.07 - 5:30 pm | #

@Jon

Google for the MVPs Hostfile as an example. That one includes all sorts of "rogue" sites.

@Mark

If you think that way, you still dont get why and how this works...

General comment:
Its funny that the codec sites all look the same though. Unless you are a "re-ocurring customer" you wouldnt realise though, that that Japanese looking face has been on prev fake codec sites and the layout is about the same too...
Yourhighness | Homepage | 11.08.07 - 3:23 am | #

Thanks for all the tips.
Jon | Homepage | 11.08.07 - 8:27 am | #

Yeah, I never thought about that fact that face is always on the codec sites. And as for the way I think, well, I have no comment.
Mark | 11.08.07 - 3:23 pm | #