Page 2 of 4

Re: Well rating malicious site

Posted: Thu Apr 17, 2008 4:29 pm
by Sami
Yes, we know. I suppose it would be possible to let you rate sites on the scorecard in future, but we haven't really discussed this.

On the other hand, forcing you to actually visit a site before rating it makes it more likely that you confirm your suspicions instead of rating based on hearsay alone. It also helps in preventing users from accidentally rating the wrong site. For example, it's way more unlikely that you'll give a good rating to [url=http://en.wikipedia.org/wiki/Typosquatting t=_self]a typosquatter[/url] when using the add-on.

Some notes.

Posted: Fri Apr 18, 2008 2:21 am
by Alex Tracer
Q: How to safely visit dangerous site?
A: 1) Use safe browser. Usually this means: "do not use Internet Explorer". Try fresh versions of FireFox, Opera or Safary.
2) Disable JavaScript in your browser.
3) Use antivirus that supports browser-integration.

Q: What about lyricsfreak.com?
I'm not sure but I think this site was hacked recently. "Black" hackers usually do such things to get more computers for their botnets. My own site was infected few times in the same way until I recasted site's security policy.

@Alex Tracer

Posted: Fri Apr 18, 2008 11:34 am
by lordpake
In context of my previous post here I do find your post rather irresponsible. Regular home user has no SAFE way of visiting malicious site. And by malicious I mean sites that have exploits in place. What you suggested are simply means of narrowing the window of vulnerability. Not forgetting up-to-date Java, Flash, QuickTime, Windows etc.

Better leave visiting active exploit sites to security professionals and to those advanced users who have solid understanding of what they are doing.

"As long as you are using

Posted: Sat Jun 07, 2008 2:56 pm
by phantazm
"As long as you are using Firefox with adblock, you should be alright..."

I'll recommend NoScript as well
(only available for FireFox)

into the lion's den...

Posted: Mon Jun 09, 2008 7:08 pm
by woova
Alex' suggestion to disable javascript isn't feasible. The WOT scorecard rating relies on javascript. Disable javascript and you'll receive an error msg when trying to send a rating (and the comment text field will be unavailable to you)
-=-
"Sorry, this page does not work correctly without JavaScript. Please enable JavaScript on your browser."

The myWOT staff might consider adding a "report an unsafe site for review / verification" contact form to the website "support" menu (displayed only to logged-in members) and / or an additional flyout within the context menu of the browser plugin, similarly labeled "report an unsafe site for review / verification".

Verification?
The point is that some sites may merit "special handling" or may seem especially malicious (to the reporter, er, testifier), seeming to merit immediate "red flagging". A staff-verified rating (heavy weighting, definitive 'confidence') would expedite the rating process.


Another situation related to "special handling" and verification:

Consider what will transpire when a testifier reports on the "domain"
badsite.tld:8081/goboom.htm

He probably doesn't realize that the link he followed led to content which is being served from a non-standard port. He places a rating, submits a comment...

...and anyone reading the scorecard who attempts to "verify"
that badsite.tld is indeed bad, finds only innocuous content when they visit -- because the the "baddie" site owner is maintaining a "front", by also serving content from
badsite.tld:80


Into the cats den..?

Posted: Tue Jun 10, 2008 2:48 pm
by phantazm
I agree that it is not a good idea to disable javascript. Then again allowing javascript in all directions is not safe either. That's why I like NoScript, as it allows you to allow one site, and still dissallowing others. Some cats are indeed lions, some cats are just kittens. Therefore a differentiated response is optimal.

However, NoScript is only for FireFox.
And perhaps too complicated for newbies...

hiya

Posted: Tue Jun 10, 2008 8:39 pm
by woova
This thread opened with:
"lyricsfreak dawt com sometimes leads to an adbrite page"

Attention to the SOMETIMES factor spurred my "into the lion's den" remark.

Lion's den, slippery slope, can-o-worms... however you label it, verification will be problematic when content is being randomly / conditionally displayed at a given URL.

Another way to rate malicious sites.

Posted: Mon Jun 16, 2008 8:44 pm
by Bald
There is also another way to rate a malicious site is using Adblock Plus, and I think there are very much people using it. You can just add the following filter:

Code: Select all

*
This will block everything. Just add the filter, rate the site, go away from the site and remove the filter.

If you get any of that trogan-ware ..then??

Posted: Tue Jun 24, 2008 1:59 pm
by Parridox
If you get hit by any trogan download viewer or other means of there virus-ware.You can then no longer trust your Operating System too be stable an clean, You or i would if it was me,Do a online scan if able to get one,Turn off my System restore so that the virus can not hide on my PC, or called jump around,not being caught by my Anti-virus or Spyware killer i use.When it is all clean, after the scans of them,i will turn on my System Restore again.I do not turn it onto full 12 % or what it is able too use.I set it at 3 too 5 % of space to use.The extra backing up will not help anything.I was reading in some tech news somewhere's.
I use as a anti-virus: ( BitDefenderFreeEdition v10 - Built 247
http://www.BitDefender.com
Spyware killer i use an trust: http://www.SuperAntiSpyware.com

P.S. Both of these programs are FREE editions !
I hate anything that takes away from clean health of my PC. Thank you .!

Heres what I use...

Posted: Tue Jun 24, 2008 5:05 pm
by Jared Gray
I dont have a specific browser for visiting potentially bad stuff.. I do have lots of layers though to protect me..

My Standard Windows Setup...
Router>Comp..
Firefox2\3 (always clearing pvt data etc - with phishing etc protection enabled)
HostsMan (MVPS list)
PeerGuardian 2 (various lists for p2p\trojans etc)
Spybot Search & Destroy (SDHelper enabled)
Clamwin Antivirus..
Stinger Standalone Antivirus
Custom Removal Tool for USB viruses I pick up at school constantly..
IE7 Pro for adblocking in IE etc.. (with WOT synched)
...


I have various initial posts on the tools i use etc.. Way back in the forums..


Peace
---------
Jared Gray