Affichage des articles dont le libellé est Firefox. Afficher tous les articles
Affichage des articles dont le libellé est Firefox. Afficher tous les articles

Sniffly To Sniffing Browser History Using HSTS And CSP


Sniffly Trick For Browser Fingerprinting. Sniffing browser history using HSTS + CSP.

Sniffly is an attack that abuses HTTP Strict Transport Security and Content Security Policy to allow arbitrary websites to sniff a user's browsing history. It has been tested in Firefox and Chrome.

How it works

I recommend reading the inline comments in src/index.js to understand how Sniffly does a timing attack in both FF and Chrome without polluting the local HSTS store. tl;dr version:


  1. User visits Sniffly page
  2. Browser attempts to load images from various HSTS domains over HTTP
  3. Sniffly sets a CSP policy that restricts images to HTTP, so image sources are blocked before they are redirected to HTTPS. This is crucial! If the browser completes a request to the HTTPS site, then it will receive the HSTS pin, and the attack will no longer work when the user visits Sniffly.
  4. When an image gets blocked by CSP, its onerror handler is called. In this case, the onerror handler does some fancy tricks to time how long it took for the image to be redirected from HTTP to HTTPS. If this time is on the order of a millisecond, it was an HSTS redirect (no network request was made), which means the user has visited the image's domain before. If it's on the order of 100 milliseconds, then a network request probably occurred, meaning that the user hasn't visited the image's domain.
Finding HSTS hosts

To scrape an included list of sites (util/strict-transport-security.txt, courtesy Scott Helme) to determine which hosts send HSTS headers, do:

$ cd util
$ ./run.sh > results.log

where 1 batch is 100 sites. You can override util/strict-transport-security.txt with a different list, such as the full Alexa Top 1M, if you want.

To process and sort the results by max-age, excluding ones with max-age less than 1 day and ones that are preloaded:

$ cd util
$ ./process.py > processed.log

Once that's done, you can copy the hosts from processed.log into src/index.js.

Running sploitz

Visiting file:///path/to/sniffly/src/index.html in Chrome should just work. In Firefox, CSP headers using the tag are apparently not supported yet, so you need to set up a local webserver to serve the CSP HTTP response header. My Nginx server block looks something like this:

server {
    listen 8081;
    server_name localhost;
    location / {
        root /path/to/sniffly/src;
        add_header Content-Security-Policy "img-src http://*";
        index index.html;
    }
}

Caveats

Not supported yet in Safari, IE, or Chrome on iOS.
Extensions such as HTTPS Everywhere will mess up results.
Doesn't work reliably in Tor Browser since timings are rounded to the nearest 100-millisecond.
Users with a different HSTS preload list (ex: due to having an older browser) may not see accurate results.

More info available in my ToorCon 2015 slides: https://zyan.scripts.mit.edu/presentations/toorcon2015.pdf.

Demo

Visit http://zyan.scripts.mit.edu/sniffly/ in Firefox/Chrome/Opera with HTTPS Everywhere disabled. If you use an ad blocker, a bunch of advertising domains will probably show up in the "Probably Visited" column (ignore them).

Download
Read more

by Malik korrich ~ lundi 26 octobre 2015 0 commentaires

FireMaster - The Firefox Master Password Recovery Tool

FireMaster is the First ever tool to recover the lost Master Password of Firefox.

Master password is used by Firefox to protect the stored loign/password information for all visited websites. If the master password is forgotten, then there is no way to recover the master password and user will lose all the passwords stored in it.

However you can now use FireMaster to recover the forgotten master password and get back all the stored Login/Passwords.
FireMaster supports Dictionary, Hybrid, Brute-force and advanced Pattern based Brute-force password cracking techniques to recover from simple to complex password. Advanced pattern based password recovery mechanism reduces cracking time significantly especially when the password is complex.

FireMaster is successfully tested with all versions of Firefox starting from 1.0 to latest version v13.0.1.
It works on wide range of platforms starting from Windows XP to Windows 8.
Firefox Password Manager and Master Password

Firefox comes with built-in password manager tool which remembers username and passwords for all the websites you visit. This login/password information is stored in the encrypted form in Firefox database files residing in user's profile directory.
However any body can just launch the password manager from the Firefox browser and view the credentials. Also one can just copy these database files to different machine and view it offline using the tools such as FirePassword.
Hence to protect from such threats, Firefox uses master password to provide enhanced security. By default Firefox does not set the master password. However once you have set the master password, you need to provide it every time to view login credentials. So if you lose the master password then that means you have lost all the stored passwords as well.
So far there was no way to recover these credentials once you have lost the master password. Now the FireMaster can help you to recover the master password and get back all the sign-on information.

Read more

by Malik korrich ~ jeudi 20 août 2015 0 commentaires

Firefox Blocks Adobe Flash Player Plugin Due To Unpatched 3rd Zero Day Vulnerability




Firefox Blocks Adobe Flash Player Plugin Due To Unpatched 3rd Zero Day Vulnerability.

Some of the places user didn't see the videos due to block. Exploits for these vulnerabilities were found in the information taken from HackingTeam in the assault revealed a week ago.

Adobe expected to patch these flash Zero days in this week, but at the meantime Adobe disabled all versions of plugin.

Adobe released 18.0.0.209 update version for flash player plugin today

In the Mozilla Statement,
"All versions of Adobe’s Flash Player plugin are currently deactivated by default, until Adobe releases an updated version to address known critical security issues."

Last week we reported Hacking Team was hacked and 400GBs Data Leaked. These zero days comes out from these leaks.

Firefox officially Tweeted,


New Facebook Chief Security Officer (CSO) Alex Stamos tweeted,


In the Statement of Adobe,

"Security Advisory for Adobe Flash Player
Release date: July 10, 2015

Last Updated: July 12, 2015
Vulnerability identifier: APSA15-04

CVE number: CVE-2015-5122, CVE-2015-5123

Platform: Windows, Macintosh and Linux

Summary:
Critical vulnerabilities (CVE-2015-5122, CVE-2015-5123) have been identified in Adobe Flash Player 18.0.0.204 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.  

Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. Adobe expects to make updates available during the week of July 12, 2015."

By playing any flash content in Firefox, top of the browser windows can read 

"Firefox has presented the unsafe plugin 'Adobe Flash' from running on the target URL."


Read more

by Malik korrich ~ mardi 14 juillet 2015 0 commentaires

Get Original IP Address Of Any User From STUN IP Address Requests For WebRTC

Get Original IP Address Of Any User From STUN IP Address Requests For WebRTC

Firefox and Chrome have implemented WebRTC that allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in javascript. This demo is an example implementation of that.

What is STUN Server?
A STUN (Session  Traversal of User Datagram Protocol [UDP] Through Network Address Translators [NATs]) server allows NAT clients (i.e. IP Phones behind a firewall) to setup phone calls to a VoIP provider hosted outside of the local network.

The STUN server allows clients to find out their public address, the type of NAT they are behind and the internet side port associated by the NAT with a particular local port. The STUN protocol is defined in RFC 3489.

The STUN protocol allows applications operating behind a network address translator (NAT) to discover the presence of the network address translator and to obtain the mapped (public) IP address (NAT address) and port number that the NAT has allocated for the application's User Datagram Protocol (UDP) connections to remote hosts. The protocol requires assistance from a third-party network server (STUN server) located on the opposing (public) side of the NAT, usually the public Internet.

Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.

Code
Here is the annotated demo function that makes the STUN request. You can copy and paste this into the Firefox or Chrome developer console to run the test.

Get the IP addresses associated with an account

function getIPs(callback){
    var ip_dups = {};

    //compatibility for firefox and chrome
    var RTCPeerConnection = window.RTCPeerConnection
        || window.mozRTCPeerConnection
        || window.webkitRTCPeerConnection;
    var mediaConstraints = {
        optional: [{RtpDataChannels: true}]
    };

    //firefox already has a default stun server in about:config
    //    media.peerconnection.default_iceservers =
    //    [{"url": "stun:stun.services.mozilla.com"}]
    var servers = undefined;

    //add same stun server for chrome
    if(window.webkitRTCPeerConnection)
        servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};

    //construct a new RTCPeerConnection
    var pc = new RTCPeerConnection(servers, mediaConstraints);

    //listen for candidate events
    pc.onicecandidate = function(ice){

        //skip non-candidate events
        if(ice.candidate){

            //match just the IP address
            var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/
            var ip_addr = ip_regex.exec(ice.candidate.candidate)[1];

            //remove duplicates
            if(ip_dups[ip_addr] === undefined)
                callback(ip_addr);

            ip_dups[ip_addr] = true;
        }
    };

    //create a bogus data channel
    pc.createDataChannel("");

    //create an offer sdp
    pc.createOffer(function(result){

        //trigger the stun server request
        pc.setLocalDescription(result, function(){});

    }, function(){});
}

//Test: Print the IP addresses into the console
getIPs(function(ip){console.log(ip);});

Download
Read more

by Malik korrich ~ mardi 27 janvier 2015 0 commentaires

Chrome Extensions for Security Researcher

The importance of browser is not a hidden truth in the process of penetration testing or ethical hacking, security researcher probably prefer Firefox as browser because it has a wide range of add ons that will help to make the test easier, however we have seen the rapid increase in the usage of google chrome, you can count chrome among the best browsers. 

On previous article we have discussed about the security extension that are available on Firefox.On this article I will discuss the best extensions (add ons) that are available for chrome browser and plays an important role for security researcher, web developers and ethical hacker.


One of the best chrome extension that can See the geolocation, DNS, whois, routing, search results, hosting, domain neighbors, DNSBL, BGP and ASN information of every IP address (IPv4 and IPv6). Including shortcut to Your public IP Address. It can use for whois, network lookup, spam database lookup and more.


It is a extension that will help in the process of penetration testing, you can easily log, edit and send HTTP request. Request Maker only captures requests sent via HTML forms and XMLHttpRequests; it doesn't fill the log with useless information about images and style sheets.

If you dont want to share your information on the Internet than not sharing my info is a best extension for you, use this extension to substitute it with an anonymous alias. It can replace your real email address with fake email address and so on.


Simply the best, after information gathering scanning and enumeration is the second phase of ethical hacking process, so this extension will really help you to scan open ports just like nmap.

I think there is no need to discuss the importance of proxy and anonymity in the field of hacking. Hide My Ass! operates the most popular browser based web proxy online, this is our official extension that enables you to easily redirect your web traffic through our anonymous proxy network.

There are different coolies editor available on firefox, just like firefox we have Edit this cookie on chrome that can help you to edit any cookie, add any cookie, block cookies, delete all the cookies and many more.


XSS is a bug on a web application that allows an attacker to inject their code, if you are doing a penetration testing on a web application than XSS rays will help you to perform the test effective and efficient. It's core features include a XSS scanner, XSS Reverser and object inspection.


If you want to keep update your self with the latest exploits, shell code and white papers than this exploit DB extension will help you.


Right-click on any link and scan the target with VirusTotal, free and easy. It gives a feature of online virus scanner amazing extension. 

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ mercredi 20 juillet 2011 0 commentaires

Exploit Me- Firefox Add Ons For Pen Testing

Web site security is the key point to measure the security of the network, by this point I mean that your website represent the exact image of your company and your network, so if in case your website will compromise than it will show the negative image on the user, visitors and clients.
So it is good to perform a quick penetration testing on a web application for website security.

Firefox has changes the way of browsing you can find different add ons on firefox for different purposes, as we have discussed 5 top firefox add ons for anonymouse surfing and firefox for ethical hacking. In the article firefox for penetration tester you have seen different add ons, so this article is also explain you to our favorite add ons for hacking.

Exploit-ME

Exploit-Me is a suite of Firefox web application security testing tools designed to be lightweight and easy to use. The Exploit-Me series was originally introduced at the SecTor conference in Toronto. It contain firefox add ons for different type of testing, you can easily check any web site for vulnerability and possibly to exploit it. 

XSS-ME

Cross-Site Scripting (XSS) is a common flaw found in today's web applications. XSS flaws can cause serious damage to a web application.XSS ME is a part of Exploit ME add ons and can be use to check the XSS vulnerabilities on a website. Click here to install.

SQL Inject ME

SQL Injection vulnerabilities can cause a lot of damage to a web application. A malicious user can possibly view records, delete records, drop tables or gain access to your server. Click here to install and perform SQL-injection test on a website.

Access ME

Access vulnerabilities in an application can allow an attacker to access resources without being authenticated. Access-Me is a Firefox extension used to test for Access vulnerabilities. Click here to install.



Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ samedi 25 juin 2011 0 commentaires

Tamper Data: A Firefox Extension

Firefox provides a lot of Add ons for different purposes, it may be categorise on the basis of their use. There are different add ons available in firefox that can be used as a penetration testing tool or it may be use for hacking a website. So the usage is depend on the person its not depends on the tool and the author of the tool.

There are different add ons available for doing a penetration testing click here to learn.

This article will talk about Tamper Data, Tamper Data is a Firefox Extension which gives you the power to view, record and even modify outgoing HTTP requests. This is the smartest add on. Tamper data may be used as per requirement like if you want to use it for doing a pen-test on your web application to measure the security or may be someone use this add on to find out the bug and just exploit it.

Use tamperdata to view and modify HTTP/HTTPS headers and post parameters. Trace and time http response/requests. Security test web applications by modifying POST parameters.It will give you the answer of these question like:
  • What cookies are being send to the browser?
  • Are the cookies mark as secure?
  • What kind of HTTP Authentication is happening? 
  • ETC

Tutorial
After installation restart Firefox and open Tools → Tamper Data. This will bring up the "Tamper Data - Ongoing Requests" window.


You can start tamper by clicking on start tapmer button, if you want to make a graph of your result than right click on any of the tamper result than click on graph all.



Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ dimanche 22 mai 2011 0 commentaires

5 Top Firefox Addons For Anonymous Surfing

Firefox is fast,reliable and secure browser that provides a lot of different features except browsing. So this article will talk about anonymous surfing via Firefox.
Mostly people use different software's and online services to achieve anonymous surfing, however you can add some plug ins on your Firefox browser to achieve this task.

Below are the list of some add ons that will provides highly anonymous surfing.



FoxyProxy is the most famous and widely used extension that provides highly anonymous surfing. FoxyProxy is an advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. It also offer reliable, high-bandwidth proxy servers in 24 different countries. You can use foxyproxy to bypass content filtering in your work place.


Tor project is a big invention in the world of online privacy protection, tor offers different services and software's to achieve anonymous surfing.Torbutton provides a button to securely and easily enable or disable the browser's use of Tor. It is currently the only addon that will safely manage your Tor browsing to prevent IP address leakage, cookie leakage, and general privacy attacks.


If you are concern about your online privacy and if you want to become complete anonymous so Autoproxy will help you. With AutoProxy, you no longer need to switch your proxy status between on & off manually. If you prefer to visit a website via proxy, just add it's domain to AutoProxy's preference

AWB proxy is a fast and reliable extension that provides UK anonymous proxy server, it hides your real IP and it protects your information means privacy protection.
Proxy tool manager provides a power full and user friendly environment, it provides 10 different spoofed HTTP referrers, auto-proxy rotation etc. You can delete all the cookies manually or automatically, it provides a feature to import more proxy server on the tool.


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ samedi 21 mai 2011 0 commentaires

WiPhire- Wireless Penetration Testing Tool

There are mainly two type of networks one is wired and the other is wireless, now a days everything is going to be wireless no one like the wired network, this article is not about the comparison between wired and wireless network. 

As you have an idea about penetration testing and the tools that are widely used in pen testing, now what about wireless networks. There are some tools present to check the security of the wireless network, in this article we will discuss about a tool.


In wireless penetration field you have must seen a few tools and techniques to crack into Wired Equivalent Privacy (WEP). Beside it i think you have seen some script and tools to perform Man in the middle attack (MITM), but surely you have not seen the tool that provide both facilities at the mean time.


WiPhire is a Bash script aimed at making the Wireless Hacking process a lot easier. This script was written on Backtrack 4 and designed to be used with Backtrack 4.


Programs that WiPhire Uses 
  • airmon-ng
  • airodump-ng
  • aireplay-ng
  • aircrack-ng
  • airdrop-ng (Requires directory /pentest/wireless/airdrop-ng/)
  • xterm
  • crunch (Requires directory /pentest/passwords/crunch)
  • pyrit
  • sslstrip
  • arpspoof
  • macchanger
  • kate
  • apache2 (Requires directory /etc/init.d/apache2)
  • ettercap
  • firefox (Trivial)
Download

How To Use

To use this Bash script (Or any Bash script) You need to take the script and place it somewhere that you can remember. For this example i will just use /root/. Now if you are root and you have the script on your desktop, open up a terminal and type ./WiPhire. This will now run the script. If you get a permissions error you will need to change the permissions to make the script executable 'chmod 777 ./WiPhire' This will now allow you to run it. If the script is stored in a different location you need to change the directory to the location before running the script. For example if the script was in a folder called 'scripts' on roots desktop we would run 'cd /root/scripts/' Then we would run './WiPhire'. 
 

Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ mercredi 9 février 2011 0 commentaires

FireFox Of Penetration Tester

Ethical hacking or penetration testing is a wide and most important field in the world IT, there are lot of students learning computer security and forensic for their good future.


The security expert and penetration tester are using a large panel of security tools to audit the IT infrastructure, these tools are the weapons of pen-tester and now a normal user are weaponless. Different penetration tester using different tools and it depend on the requirement of the test. In this article i will show you different tools that will really help you out.

FireFox is a common browser and the add-on feature of Firefox is so amazing, so this article cover the available add-on for penetration tester. 

Whois and geo-location
 
  • ShowIP : Show the IP address of the current page in the status bar. It also allows querying custom services by IP (right mouse button) and Hostname (left mouse button), like whois, netcraft.
  • Bibirmer Toolbar : An all-in-one extension. But auditors need to play with the toolbox. It includes ( WhoIs, DNS Report, Geolocation , Traceroute , Ping ). Very useful for information gathering phase


Googling And Spidering
  • Advanced dork : Gives quick access to Google’s Advanced Operators directly from the context menu. This could be used to scan for hidden files or narrow in a target anonymously.
  • SpiderZilla : Spiderzilla is an easy-to-use website mirror utility, based on Httrack from www.httrack.com.

Cookies
  • httpOnly : Adds httpOnly cookie support to Firefox by encrypting cookies marked as httpOnly on the browser side
  • Allcookies : Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt file
Malware Scanner
Proxy
  • FoxyProxy : FoxyProxy is an advanced proxy management tool that completely replaces Firefox’s proxy configuration. It offers more features than SwitchProxy, ProxyButton, QuickProxy, xyzproxy, ProxyTex, etc
  • SwitchProxy: SwitchProxy lets you manage and switch between multiple proxy configurations quickly and easily. You can also use it as an anonymizer to protect your computer from prying eyes.
Enumeration 
  • Header Monitor : This is Firefox extension for display on statusbar panel any HTTP response header of top level document returned by a web server. Example: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.

Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ mercredi 2 février 2011 0 commentaires

WiFi Killer-FireSheep

Security researcher always warned people about the bug and vulnerability of public networks and unencrypted services, life changes every day the new day come with some new vulnerability.

As you know that when you logging into a website your enter your user-name and password and then the server check your submitting user-name and password with their record and than assign you a cookies for your browser to get connected with server, what happen when you are logging and someone will get your cookies and use it on his browser, yes this is called session hijacking.


Over a year ago, session hijacking need some technical knowledge and the new and inexperienced user's cant do this, but the time has been changed and a Firefox add-on called Firesheep introduced that hijack the facebook,myspace and twitter session over an open network. FireSheep is free, open source and available almost on every operating system.

How Firesheep Works

Firesheep is a packet sniffer that analyze received packets from unencrypted websites on a open network like WiFi connections.
An attacker install firesheep and the new side bar appears on Firefox and the extension wait for the 26 websites that are in firesheep database to log in, when someone log in in any of these websites than firesheep capture his session id or user-name and password.   

If you know the difference between HTTP and HTTPS than you can easily understand the working of FireSheep, yes when your browser shows HTTPS instead of HTTP means your are logging on an encrypted website.

Protection

  • Use a VPN(Virtual Private Network) that create a secure tunnel for your data.
  • Use HTTPS everywhere, it is a firefox add-on.
  • Avoid visiting such websites, when you connected to the public access networks, in place like coffee shops and airports.



Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ dimanche 23 janvier 2011 0 commentaires

How To Enable Cookies (IE,FireFox,Opera)

A cookie is a piece of data which often includes an unique identifier, that is sent to your browser from a web site you visit, stores as a file on your computer, identifies you as a unique user and track your web usage.






Internet Explorer:

1. Select "Tools"
2. Select "Internet Options".
3. Open the "Privacy" tab.
4. In the "Settings" area - to enable cookies move the slider bar to Medium-High



Mozilla FireFox:

  1. Click on the Tools menu in Firefox.
  2. Click Options...
  3. Change to the Privacy Settings.



Opera:

  1. Click on the "Tools" menu Opera.
  2. Click Preferences...
  3. Change to the Advanced tab, and to the cookie section.












Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Read more

by Malik korrich ~ mercredi 12 janvier 2011 0 commentaires

How to Block a Website ?

Some times it becomes necessary to block a website on our Computers for one or other reason. You can easily and effectivily block access to a website by adding it to your Windows HOSTS file. Once the website is blocked in the HOSTS file, it will not appear in any of the browsers. That is, the website becomes completely unavailable.










1. Go to your HOSTS file which is located at:

C:\WINDOWS\SYSTEM32\DRIVERS\ETC for Vista and XP
C:\WINNT\SYSTEM32\DRIVERS\ETC for Win 2000
C:\WINDOWS for Windows 98 and ME
2. Open HOSTS with Notepad.
The default Windows HOSTS looks like this:
______________________
# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a “#” symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost
_____________________________

3. Directly under the line that says 127.0.0.1 Localhost, you will want to type:

127.0.0.1 name of the URL you want to block
For example to block the website MySpace.com, simply type:
127.0.0.1 myspace.com
127.0.0.1 www.myspace.com
Other parts of MySpace could be blocked in a similar way:
127.0.0.1 search.myspace.com
127.0.0.1 profile.myspace.com
etc etc etc…
It is necessary to add a website with and without the “www.”. You can add any number of websites to this list.

4. Close Notepad and answer “Yes” when prompted.

5. After blocking the website, test it in any of the browser. If every thing is done as said above,the website must not appear in any of the web browsers. You should see a Cannot find server or DNS Error saying: “The page cannot be displayed”.
Read more

by Malik korrich ~ mercredi 17 novembre 2010 0 commentaires

« Articles plus anciens