New Firefox Cookie Blocklist added September 15, 2006.

I have added a section that explains all those cryptic Internet Explorer options under the Security and Advanced tabs.

Here's the new Frequently-Asked Questions and Troubleshooting Guide.

   The Spyware Blocklist contains the addresses to which spyware, adware, and other service phone home. It also contains a listing of ad sites and other sites -- mainly for family or corporate users -- which can be blocked to keep the kids or employees from accessing things they shouldn't. It is intended to both block existing spyware and to prevent future infections. To actually remove spyware, visit the links page. I STRONGLY recommend using these lists, regardless of how secure you believe your computer or network to be!

For Intrusion Detection Systems (NIDS or HIDS)
Introducing the Parasite Detection System! A must for any network to be secure!

Parasite Detection System, Basic - An IP-based detection system, the Basic PDS will flag outgoing traffic to known parasite addresses. It uses IP-based filters only (no content matching) for optimal performance. This will drop right into an existing snort.conf file or can be used alone. Make sure to save it with a .ZIP extension. The Parasite list uses only IP address-based detection, so it's both very fast and there is a low risk of insertion or evasion problems. Last updated October 17, 2006.

For blocking with your firewall
Note: The Type 1, 2, and 3 files are "full" - the limit to how many rules Kerio can take has been reached. Therefore, if you wish add new rules, you will have to remove others.

Kerio List Type 2 - This is the ruleset you should use if you are not sure of which suits your purposes. Similar to the above, this file contains all the spyware filters above, plus some strict firewall rules for better protection and the basics to make an Internet connection work. Especially recommended for Microsoft Internet Explorer and Outlook users. Last updated March 15, 2005.

Kerio List Type 3 - This file contains all the spyware filters above, plus some VERY strict firewall rules for maximum protection. It is intended to be used in conjunction with some extra procedures covered in Step 8. This gives the most protection. Last updated March 15, 2005.

Kerio List Type 4 - This is a basic configuration with few spyware filters, and only ad filters for major ad services. Not recommended for Internet Explorer, corporate, or family users due to the lack of spyware and adult filters. This is meant to be used by users running safe browsers like Firefox/Netscape/Opera. NOTE: If you installed the February 20, 2005 version of this ruleset, please update to this version. Last updated March 15, 2005.

The Original Spyware Blocklist - This text list contains a frequently-updated listing of the "home sites" used by spyware and adware, as well as other things you may wish to block. Use this if you don't use Kerio or if you don't wish to use my ready-to-run file. You will have to input everything by hand. Last updated October 16, 2006.

Kerio Type 2 in text format - This is the Kerio Type 2 list in text format. Some people might like this because they can cut 'n' paste the Spyware Blocklist with their existing Kerio rules. Do not download this unless you really know what you are doing. Last updated March 3, 2004.

Linux Firewall - This is a high-quality IPTables firewall by Jerome Nokin for Linux users. Version 1.03 is the most current and contains, among it's many features is that auto-updating script for the spyware filters so you do not have to do manual downloads, and a method of selecting the filters you want. It's especially useful if you have a Linux machine acting as a proxy or firewall, but is very useful for desktop Linux users as well. It should be compatible with most versions of Linux. Last updated September 3, 2005.

How to use: Simply download the list of your choice. If you want to download one of the Kerio lists, simply right-click the link and select "Save Target As..." or "Save File As..." (depends on the browser you are using). When it has downloaded, simply start up Kerio, then right click it's icon, which is a blue shield at the bottom right of your screen. Select Administration. Click the tab along the top called Miscellaneous. Where it says Firewall Configuration Files, click Load. Now, just find the file you downloaded from this site and select it. (If you don't see it, try clicking the box called Files of Type and selecting All Files). You're done! Kerio may pop up a few alerts as it adjusts to the new ruleset you just imported. Allow the programs you know and trust, and whose names you immediately recognize, to connect to the net and disallow ones you don't recognize or trust.

   If you want to allow a program to connect to the net and are using the Type 3 ruleset, allow Kerio to create a rule for it by running the program. Then, go into the rule list (Right click Kerio/Administration/Advanced) and go to the bottom of the list. Make sure to use the regular windows scroll thing at the far right, not the square arrow buttons. Your newly-created rule will be at the absolute bottom of the list. Select it, and press the up arrow (square arrow button) and move it above the two Port Block - All rules. While you're there, if you like, you can look a few rules above for the various browsers and email programs that I entered into Kerio and delete out any you don't use.
You may always use the handy little Frequently-Asked Questions and Troubleshooting Guide if you want it.

Configuration files for DNSKong

DNSKong Blocklist - This list is a text file called named.txt and should be placed in the same directory as DNSKong, which is usually c:\progra~1\pyrenean\dnskong\. If you don't already have DNSKong, you can download it and read instructions on how to install it here. Last updated October 16, 2006.

HOSTS File

HOSTS file - Although intended for users of DNSKong, this will work with Windows system not running Kong, as well as UNIX, and Linux. This update is already included in my distribution of DNSKong for Windows as of November 27, 2003. It is just a text file that should be placed in your c:\windows directory. It is intended for people who run DNSKong, but also blocks some common ad sites for Unix and Linux users and will suppress all Opera ads. Make sure that when you save it it has no extension. Make sure that the "Files of Type" setting in your save menu is set to All Files. (That is, it is not called HOSTS.TXT but rather just HOSTS. with the period at the end. I had to call it HOSTS.TXT here because Geocities wouldn't allow me to leave off the .TXT.) Last updated October 16, 2006.

The Proxomitron configuration files

The Proxomitron Configuration file saves you the trouble of having to configure Proxomitron yourself. Download this and save it in your Proxomitron folder as DEFAULT.CFG (Make sure, in the box below the filename, called Files of Type or something, to select All Files.) Right click Proxomitron, select Load Config File, and load this in. Voila! Last updated February 8, 2003.

Even tougher Proxomitron Configuration file which filters more nastiness. It seems not to cause many problems but, as they say, "Your Mileage May Vary". This is the preferred file to use for Proxomitron, but if you experience problems viewing websites with this one, you can always download the other one. Download this and save it in your Proxomitron folder as DEFAULT.CFG (Make sure, in the box below the filename, called Files of Type or something, to select All Files.) Right click Proxomitron, select Load Config File, and load this in. Last updated March 12, 2003.

Configuration files for ID-Blaster

ID-Blaster List - This list is a default configuration file for ID-Blaster Plus, available here. This will neuter some forms of tracking while allowing the appropriate programs full Internet access. Save this in your ID-Blaster folder as DEFAULT.INI. (Make sure, in the box below the filename, called Files of Type or something, to select All Files.) Last updated October 2, 2003.

Opera 6

Opera configuration file which fixes a few minor annoyances and bugs with Opera 6.xx. Right-click this link to download and save as Opera6.ini in your \Program Files\Opera folder (or wherever Opera is located). Right-click the link to download, select Save As, and make sure to set the "Files of Type" box in the download dialogue to All Files. Last updated March 12, 2003.

Mini-blocklist for Firefox

Firefox Cookie Blocklist - This list is a text file that needs to be renamed or saved as hostperm.1 due to limitations of my hosting service, and the hostperm.1 file should be placed in the same directory as your Firefox profile, usually c:\Documents and Settings\{your Windows username}\Application Data\Mozilla\Firefox\Profiles\{random letters and numbers\. (Note that it's in the same place as your your xpti.dat file, so you can always do a search for that xpti.dat if you aren't sure where to put the Firefox Cookie Blocklist, and just put it in the same directory.) It blocks losts of cookies, many more than current editions of Spywareblaster do (though you should still use that program.) It will overwrite any permanently saved cookies so if you wish to keep those, use an editing program like Notepad to copy 'n' paste the contents of the Cookie Blocklist into your existing hostperm.1 or cookperm.txt file. Last updated September 15, 2006.

Spyware Removal Updates

It is best to use the built-in update features of these programs. However, they are included here for the sake of completeness. If you don't already have them, it is strongly recommended that you download and install all three. Run their built-in update feature after installing them, then let them check for malware.

SpyBot Search & Destroy is one of the best spyware removers available, and it's free. I recommend also using Ad-Aware, as both SpyBot and Ad-Aware can find and remove things the other can't. I still recommend using the firewall and DNSKong to prevent future infections. SpyBot has a built-in update feature which is safe to use and you should check for them from time to time. Due to overwhelming popularity, there is a second, "mirror" site set up here.

Lavasoft's Ad-Aware 6 is another good, free spyware-removal tool. This is also a must-have. Like everything else recommended here, it's free.

Spywareblaster is a good tool that prevents the installation of many kinds of spyware. The author, Javacool, also has a lot of other great utilities.

Disclaimer: All the sites, IP ranges, associations, etc. are provided to the best of my knowledge and are based on various traces and linkings by registration information, company affiliations, media reports, and other publicly-available websites and resources. No guarantee as to the accuracy of this information is assumed nor is any harm intended toward any corporation(s) or individual(s) on, affected by (directly or indirecly) by the use or misuse of these list or files. By reading or using this information you agree to indemnify and hold harmless the author, provider, poster, sender, or contributors to these lists and files harmless, as well as any service provider used in the transmision of this list, for any damages, loss of service, loss of reputation, or any other injury. This information is not intended to be used to violate the Terms of Service or End User Licensing Agreement between a user and any vendor, website, or spyware, adware, or advertising manufacturer or their affiliates. Please post corrections, updates, or commentary to alt.privacy.spyware or email me at yospongeP@yahoo.comP. Remove the two uppercase letter P's to email me.

Spyware and adware is defined as any program, applet, ActiveX control, Browser Helper Object, or other code, script, or website which transmits data from a client's computer, or a service which meets one or more of the following criteria:

1. Is installed without a user's explicit knowledge or explicit consent.

2. Uploads information without a user's explicit knowledge or explicit consent.

3. Uploads, associates, or appears to or is readily capable of associating uploaded information with personally-identifiable information, such as registration information or data collected from third-party sources, without a user's explicit knowledge or explicit consent.

The "user" is defined as any person or entity who may use a particular computer on which the alleged spyware, adware, surveillance tool, or code is installed.

Make sure to back up your system before making any changes! It's a good idea to backup your system periodically anyway!