Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
Applications /

Rendering spyware mute

Gearhead archive By Mark Gibbs
Network World, 05/28/01

Last week we discussed spyware, which monitors and reports on what you do. Spyware, usually produced by some company other than the vendor of the software it is embedded in, can be found in more than 800 applications (see this list of known spyware).

Then we reviewed Ad-Aware, a free utility from Lavasoft of Germany, which scans your PC's memory, registry and file system looking for spyware.

This week, a reader directed us to a free program called SpyBlocker, which blocks the communications of spyware installed on a PC so spyware runs but can't exchange data with the server to which it should report. Ensuring spyware can't communicate is important, as you may find after using Ad-Aware that some applications containing spyware subsystems may not run correctly or at all.

When SpyBlocker is installed, it modifies the host file (in c:\windows) to map known spyware "home" servers to the local loopback IP address. Because the host file statically defines the address for each home server and any other servers you want, that routing is used rather than having the local TCP/IP stack attempt to resolve the server's IP address using your PC's default DNS servers.

When running, SpyBlocker is a miniature Web server sitting on Port 80 that fields the requests for the various home servers and logs each event by monitoring the HTTP header of each request. If you want to use Port 80 on your PC, which is the default port for Web servers, you're out of luck - SpyBlocker cannot be configured to use another port.

Many packages that contain spyware forbid any form of modification, either static (in the binary file on disk) or dynamic (modification to the running application in memory). This means, technically, Ad-Aware may lead you into crime by modifying an application and its associated spyware.

Of course, a case of license violation in this way has yet to be tested in a court, and the fact that most software using spyware doesn't reveal itself could make the charge of license infringement pale in the face of a charge of violation of privacy.

SpyBlocker can also generate Proxy Auto Configuration (PAC) files to configure browsers to automatically block Web servers that provide ads and other content you may not want to see. PAC files contain programs written in JavaScript originally intended to autoconfigure a browser for proxy settings.

Now, because a different proxy might be required for different URLs, the PAC file script can also check every URL requested. This lets requests that are intended to retrieve ads from ad servers be blocked.

SpyBlocker is way cool and, like Ad-Aware, free. And as with Ad-Aware, we award SpyBlocker nine gear teeth out of 10 and a commendation for being free.

No ads to gearhead@gibbs.com.

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.