[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 424
  • Last Modified:

Are there any real-time blacklists of adware/spyware distribution sites?

I want to write a passive "infected machine detector" which will sniff network traffic and identify machines on my LAN that are infested with adware or spyware.  I aim to sniff all DNS resolutions, cache the results, and then use a blacklist lookup to tie resolved IP addresses to the bad guy sites.

I know there are a number of realtime black lists for spam-forwarding mail servers.  Is there anything like that for servers used for disseminating adware/spyware apps, or catching uploaded spyware data?

I'll award the full 500 for a slam-dunk answer, somewhat less for research suggestions (I'm wasting too much time doing research, and not getting very far).

Rob---


0
RHenningsgard
Asked:
RHenningsgard
  • 2
  • 2
2 Solutions
 
blue_zeeCommented:

Not exactly what you want/need, but surely useful:

Rogue/Suspect Anti-Spyware Products & Web Sites
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Zee
0
 
RHenningsgardAuthor Commented:
cwkhang, the hosts.zip file from http://www.mvps.org/winhelp2002/hosts.htm is in the ballpark, because it specifically identifies adware, "parasite", and trojan sources.  I can certainly write a parser that'll strip out the annoying but innocent banner ad sites, and distill the list down to only malware distributors.  If this is the best source I can find, it'll be far better than nothing.

blue_zee, the rogue_anti-spyware.htm page is indeed very interesting.  It'll provide me a good source of malware products to test in my sandbox.

Y'know, if there's not a killer malware site list out there like the email black hole lists, maybe I'll have to start one...

Anybody else got any malware-perpetrator site lists?
0
 
RHenningsgardAuthor Commented:
Well, I've found some additional resources, but you guys got me on to useful tracks, so I'll split the points and close the question.  Thanks!
0
 
blue_zeeCommented:

Thank you too.

Zee
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now