In early June, I posted an article – Norton DNS – Another Layer of Computer Security, in which I stated –
You should consider additional system hardening by substituting your ISP provided DNS service, with a more secure alternative.
A few days later, I posted an article – Follow the Link and You “Takes Your Chances”, in which I made the point –
As a matter of policy, I test every allowed link included in a comment, for safety. Spam filters can often miss comment spam, some of which are highly dangerous. While comment Spam is a pain for the Blogger, a reader who follows a link in a malicious Blog comment, which leads to a malware site, is in for a very painful experience.
The following comment emailed to me by WordPress just today, and not picked up by the Askimet spam filter, provides a perfect example where these two intersect:
The email notice:
A new comment on the post “Download TrueCrypt – TrueCrypt Beats The FBI Decryption Team!” is waiting for your approval.
Author : retnol (IP: 202.70.54.67 , 202.70.54.67)
E-mail : retno.larasati08@student.ipb.ac.id
URL : http://retno.larasati08.student.ipb.ac.id
Comment:
well, nice post. Thank you for sharing.
Approve it:
Trash it:
Spam it:
On testing the URL (the link), contained in the comment, I get this result from Norton DNS. This is not as uncommon as you might think.
Further investigation of the Threat Report, reveals the following.
Pretty scary stuff, I think you’ll agree.
So, I’ll repeat –
Be cautious when following links contained in comments on any web site – not just Blogs.
Be particularly cautious of comments, on any web site, where the writer is describing a problem with recommended software and offers a link to alternative software. This is a favorite technique employed by cyber-criminals. All software reviewed on this site, for example, has been thoroughly tested, by me, for usability. If a reader has a problem with recommended software, it’s generally a machine specific problem.
Be cautious when following any link contained in any web page. Recent reports indicate there are 5.8 million individual web pages infected across 640,000 compromised websites. Cyber-criminals are finding it easier than ever to inject malicious content into legitimate sites.
Since the majority of infected sites are infected with Java based scripts, consider using Firefox with the NoScript add-on. NoScript offers superior protection.
Install an Internet Browser add-on that provides protection against questionable, or unsafe websites.
Use Norton DNS as an added safety precaution.
You simply cannot trust links, given the state of the Internet, so if you haven’t hardened your system by substituting your ISP provided DNS service, with a more secure alternative, I urge you to do so.
I deal with comments like this every day – it just happens, that today, I had some spare time to bring this situation to your attention, one more time.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Bill Mullins' Weblog - Tech Thoughts 
Hey Bill,
Exactly, it does what u said.. As a matter of fact, it just saved me too from accessing a malicious site which i thought of as safe as it was rated ‘Green’ by WoT..
I’m glad i’m a reader of your blog and switched to Norton DNS after reading your post about it..
Hey Ranjan,
I’ve now removed WOT from my list of recommended applications. Given how easy it is to manipulate, it’s wrong far too often. In this particular case, WOT showed this site as “Green” despite 53 viruses and other web threats, and that’s just unpardonable, in my estimation.
Good to hear from you.
Bill
Maybe use Norton safe web lite as an alternative to WOT http://safeweb.norton.com/
especially if you’re using Norton DNS.
Sandboxie or Geswall are a must because not one product can give you 100% protection.Layered security is the answer as Bill keeps telling us all 🙂 and he is right.
Great advice as usual Andy.
Thanks.
Bill
Bill,
I switched over based on your original article and I’m glad I did. I’ve come across more than an occasional bad site.
Thanks for this.
Liam
Hey Liam,
I’m glad to hear you found it useful.
Bill
Bill,
I agree. Web of Trust is no longer Any Web of Trust. Its becoming more like Web-of-Tackle, where anyone can tackle (affect) a site’s reputation by creating multiple accounts and rating absurdly…
Straight to the point Ranjan, and I agree entirely.
Bill
Then i guess, its time to ditch WoT and find other alternatives similar to Norton DNS or McAfee Site Advisor etc….
People who like WoT may keep it as just a formality and remember not to rely on it. 😛
Hey Ranjan,
Yes, I agree. At this point I’m not comfortable recommending an uninstall, but I do think the addition of say, McAfee Site Advisor, would be prudent.
Bill
Hi Bill,
Yet another strong point you make about security and how you can never be too careful, good on you.
I’m interested in yours and others comments about WOT, I’m assuming it’s time to dump it?
Cheers
John
Hi John,
At this point I won’t recommend WOT for new installs.
The people behind WOT are very good people, but a change in the “community driven” aspect is long overdue, in my view. Depending on individuals to provide an honest assessment of their web site experiences has led to a small closed circuit, populated mainly by amateurs who are untrained in assessing a web site’s overall security status, having disproportionate impact. As well, given that the “community driven” aspect has been given too much weight, WOT is easily manipulated by less than honest individuals.
Finally, I have read assessment comments that are personal in nature, which reflect a dispute between the site owner and the rater – something that should never be allowed. In some cases, I have known the people involved, and I was well aware that the comments were patently untrue. But, since the comments were posted by one of the “closed circuit” individuals, the comments were allowed to stand and the web site’s rating was affected unfairly.
If, or when, WOT develops a more transparent rating system which emphasises professional input over amateur ratings, I’ll reconsider my views. in the meantime there are more reliable alternatives including McAfee SiteAdvisor – http://www.siteadvisor.com/.
Best,
Bill
Thanks Bill for that very thorough description of what’s what at WOT at the moment. I know I don’t uninstall very often but here goes.
Cheers
John
Hi John,
LOL! “What’s what at WOT.” YES!
Best,
Bill
Bill ,
I am somewhat snake bitten with vista. Going back to your earlier post ( it looked easy) I decided to try this and it worked . Thanks for the heads up.
Greg
Hey Greg,
I’m very pleased to see that you have installed this. I think you’ll find it a big help in surfing safely.
Bill
I’m interested how it compares with Sunbelts new DNS tool. I’m liking this new approach to security, I think DNS filtering is a great new tool for the arsenal.
Thanks for the update.
Mark
Hey Mark,
Haven’t tried that yet, but I have it scheduled for the next few days.
We all need a little more confidence that we won’t be victimized so I agree with you, this is a great new tool.
I know you’re busy, but I hope your weekend is going well.
Best,
Bill
btw, student.ipb.ac.id is an indonesia university bloging for their students,
i think ipb.ac.id itself is safe
I appreciate your comment but, the main site is NOT safe. You should contact your system administrator since it’s very obvious this site has issues.
Bill
yeah, eset pop me too JS/TrojanDownloader.Agent NRL
i am not a student from there,
Thanks,
Sorry, I thought you were a student at that campus.
Thanks for the update.
Bill
Hi Bill
As I found out recently when I was recommending your weblog, some forums won’t allow the inclusion of links for just that reason.
I use both WOT and SiteAdvisor on Firefox with NoScript. Also have OpenDNS installed. Do I need Norton DNS as well, or would this result in conflicts?
BTW all the above were installed following recommendations by you. Speaks for itself I think.
Kind regards
John
Hi John,
DNS acts as a gateway to the Internet in a manner of speaking, and you can only go through one gate at a time, just like in the “real” world. So, in the broadest sense I’m afraid it’s an either or situation.
*Note:* for the techno geeks who will read this response – yes, I know it’s possible to to set up a cascading DNS sequence. In this specific case, there’s no discernible advantage.
Best,
Bill
Hey Bill,
Well, that’s done it for me. I just changed my settings over to Norton DNS. I was a bit shocked to read that info about WOT, while I always thought it wasn’t infallible, giving the green sign to a site with 53 known infections is just not good enough. Thanks for the info on this.
Cheers
Hey Mal,
That’s very cool. It’s good to know my Australian buddy will now be just a bit safer on the Net.
I think I was the very first IT pro to recommend WOT back in the day, and consequently, I developed a personal relationship with the principals. WOT, since that time, has developed a strong reputation, but in this business, sitting on your ass and relying on outmoded modalities just doesn’t cut it. WOT needs to change in order to maintain market position and, most importantly, provide the level of protection users require in a constantly changing environment.
Best,
Bill
Pingback: Tweets that mention Norton DNS Can Save Your Butt! « Bill Mullins' Weblog – Tech Thoughts -- Topsy.com
Pingback: The Comical Comment Spammer « Bill Mullins' Weblog – Tech Thoughts