Blocking Advertising

Internet advertising is one of the biggest risks to your security and privacy so it’s important to block it if you value these things, some might argue it’s wrong to block advertising but when it puts you and your computer at risk there is no other option.

Internet advertising can be blocked by three main methods:

  • Hosts file
  • DNS filter
  • Browser plugins

Most people these days use browser plugins such as AdBlock, Adblock Plus or my personal preference and recommendation uBlock Origin, these in general do a very good job at blocking advertising but don’t work outside the web browser, they can also be used to remove unwanted elements from a web page giving you a cleaner browsing experience.

Hosts File

The hosts file is a little more complicated to explain, when you go to a website such as http://www.google.com your computer needs to lookup the domain name to obtain the internet address such as 216.58.198.110, this is done by contacting a DNS server which is typically provided by your ISP, however in the early days of the internet there was no DNS servers, instead it looked in a hosts file which manually maps domain names to ip addresses, for example:

216.58.198.110 http://www.google.com

The hosts file typically has priority over the DNS server so you can use it to override the domain name resolution, this is usually done by redirecting the domain to the local loopback address which is 127.0.0.1 or 0.0.0.0, this effectivly blocks the domain.

On windows the hosts file can be found at C:\Windows\System32\drivers\etc\hosts
On Linux and most other UNIX based systems it can be found at /etc/hosts

To make things easier you can find hosts files online that already block the majority of advertising providers and other unsafe domains, I’m currently using Steven Black’s hosts file which is compiled from several different reliable sources.

This applies to all applications on your system but I still recommend it be combined with a browser plugin for maximum coverage.

DNS Filter

Rather than at the hosts file the blocking can also be done at the DNS server level, you can either do this by setting up your own DNS server or by using a public DNS service such as OpenDNS.

Personally I don’t use these public services out of privacy concerns but if you want a very simple method that needs no maintenence this might be for you, one big advantage of this is that it works on devices where you cannot typically access the hosts file.

If you have a Raspberry Pi laying around consider installing pi-hole on it for a super simple hardware DNS server.

Advanced Blocking

Sometimes you may run in to an advert that is not blocked by any of your installed methods, in a web browser it’s easy to add new blocking rules but outside you may need to find which domain it’s coming from.

This is easily done by tools such as Process Explorer or Wireshark which can show all HTTP connections, with a little effort this is usually able to locate the offending domain, for cases where the connection is made directly by IP address you can block it using a firewall such as TinyWall or Windows Firewall.

Browsing the Web Securely

Browsing the web is one of the most dangerous activities when it comes to keeping your computer secure, the vast majority of all malware and worse infections come through web exploits, this article covers some of the best ways to improve your security.

The Web Browser

Using a modern web browser that is regularly updated is one the most important thing you can do, Mozilla Firefox and Google Chrome are two of the most popular but there are plenty of others out there that are just as good such as Opera, Vivaldi, Chromium and SeaMonkey.

Most of these have versions for mobile devices, although in my opinion it’s best to avoid doing anything important on a mobile device, particularly with Android.

Block Advertising

A large percentage of malware is delivered through online advertising so it’s absolutely critical that you block it, white listing certain websites is also a bad idea since this can occur even on major websites like YouTube.

There are a variety of adblockers available, some of the most common being adblock plus and ublock origin, personally I recommend the latter as it uses less resources and allows no ads by default.

Another form of adblocking (also used for other purposes) is by using a custom hosts file, this stops the computer from connecting to the listed websites, this is best used in combination with an adblocker, one good hosts file can be found here along with usage instructions.

Browser Plugins

Plugins like Flash and Java are a big no if you’re looking for security, flaws in these can easily expose your system to serious infections, if you need to use them make sure you always have the latest version and keep it disabled until needed.

Javascript

The majority of serious malware makes use of Javascript in combination with known web browser flaws to gain unrestricted access to the system or some other kind of attack, disabling Javascript when visiting unknown sites is the best thing you can do, unfortunately Javascript is also used by almost all websites for interactive content.

One way to make this simpler is to use a browser extension such as NoScript, this by default blocks all scripts so you have to manually accept them, this is a little time consuming but it only needs to be done on your first visit to each web site, in addition it allows you more control over what the website can do.

Cross-site Scripting (XSS)

A cross-site script is a script that reads or sends content to another website, one simple example being loading an image hosted on another web site, the problem with this is that without proper care and design it’s possible to exploit XSS to read private data or inject malicious code.

The risk of this cannot be emphasised enough, many major websites such as YouTube, Twitter and Facebook have been attacked using XSS, the best way to prevent this is to use a browser extension that by default blocks all cross-site requests such as RequestPolicy.

Virtual Machine

Perhaps the only true way to ensure security of your computer is to browse the web in a virtual machine, this is often time consuming to setup but is well worth the effort, this way you can be reasonably sure that even if you are infected the infection will be contained to the virtual machine, a lesser kind of virtual machine is a virtual sandbox which basically creates an isolated container, this isn’t nearly as secure as a virtual machine but is much quicker to setup.

Secure Operating System

If you’re using Windows then you’re going to be at significantly higher risk of infection, simply due to the number of users, the quickest way to boost security is to switch to Linux, BSD or Mac OS X (if you can afford it), this is not for everyone however but is well worth giving it a try, these can also be used in a virtual machine.

Use Anti-virus Software

Having some anti-virus software installed is very important, this is usually the final barrier stopping an infection, particularly as most now scan any changes made so malware and other nasty stuff is caught before it can actually cause any problems, this comes at a small impact to system performance but the loss is well worth it.

Anti-virus software should not be confused with anti-malware software, most anti-malware software deals with minor things such as adware and tracking cookies, anti-virus software will often ignore these so it’s good to have both.

Password Security

In the event that a web site you used is compromised (all too common these days) it’s important that you have unique passwords for each website that you use, these can be hard to remember so a program like keepass is extremely useful, this also allows the use of much longer passwords helping to prevent dictionary attacks and brute force.

Suspicious Sites

Always look at the URL before you click a link, unusual domains like .tk and domains in countries like russia and china (assuming you don’t live there) should be avoided.

If your browser has the option or there is an extension available you should disable automatic redirects, there have been many cases where a normal site has been hacked and changed to redirect you to the attack site.

Downloads

Another common technique to catch people is drive-by downloads, this is where a download will randomly pop up when you reach an infected page (usually triggered by a script), always check the download name, size and file extension, if you’re even the slightest bit concerned scan it before opening, a final fail safe is to open any download in a virtual machine.

Another way to verify a download is to verify the checksum if available, any changes or corruption of the download will alter the resulting checksum, IgorWare Hasher is a free Windows tools you can use, Linux and BSD usually already have something installed.

HTTPS

HTTPS encrypts data being sent and received by your web browser with SSL, most websites support encryption but not all have it enabled by default, always be very aware when sending sensitive data that the website is using HTTPS, this is usually indicator by a padlock icon near the address bar and the URL starting with https://

A nice little browser extension is HTTPS Everywhere, this forces use of HTTPS where available among other features.

Autofill

Most web browsers can remember your password to make things easier and quicker, however this is a big security risk that is often targeted by malicious scripts or software, so it’s strongly recommended that you disable it.

Advanced Authentication

Many websites are now offering more advanced authentication using things like verifying your email address or sending you an SMS message rather than just password alone, this can be a bit annoying but for important accounts you should always enable it.

Conclusion

Good browsing security isn’t difficult, most of it comes down to common sense but hopefully you have learned something of use from this article.