Best Tips Here...

[nikita69]

HOW TO SPEED-UP YOUR IP RESOLVING IN THE SUPERTRICK (hosts file - example 4)

Continuing from example 1 & example 2 & example 3:

1. Gather and Insert IP into HOSTS file
   1. Download and Install <span style='color:green'>CIP- "Is the XPT&#39;s hosts file manager. It is by far the fastest, the most feature-rich, the most interactive and above all the most powerful product of its kind on the market today"
   2. Import your bookmarks
      1. Close ALL broswers then open CIP
      2. From menu, select File -> Import -> Bookmarks or File - Import - Favorites from the menu to import Netscape bookmarks or Internet Explorer favorites
      3. Click the "traffic light" icon to start resolving your bookmarks to IPs
         NOTE - I have 2000+ bookmarks and finished within 5 minutes
   3. Review and export your bookmarks
      1. Scroll thru your bookmarks and clean out the duplicates, localhost and any sites you feel are not worth to speed-up
      2. Save the file as "BookamrK_Hosts" without the quotes and any extention
      3. From menu, select File -> Export -> select "hosts" file -> click Save
      4. Open your browser - it may lag a bit to load, yet don&#39;t worry, this happens whenever the hosts file has been accessed and within seconds your browser will continue
   </span>
2. Now for the FUN and SURE way of speeding
   1. IMPORTANT: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 - Description of the Microsoft Windows Registry
   2. Windows 2k/XP
      1. First, open the Windows Registry using Regedit, and (after backing up) navigate to:
         HKEY_LOCAL_MACHINE&#092;SYSTEM&#092;CurrentControlSet&#092;Services&#092;Tcpip&#092;ServiceProvider
      2. Note the following lines (all hex dwords):
         Class = 008 (8) - indicates that TCP/IP is a name service provider, don&#39;t change
         LocalPriority = 1f3 (499) - local names cache
         HostsPriority = 1f4 (500) - the HOSTS file
         DnsPriority = 7d0 (2000) - DNS
         NetbtPriority = 7d1 (2001) - NetBT name-resolution, including WINS
      3. What we&#39;re aiming to do is increase the priority of the last 4 settings, while keeping their order. The valid range is from -32768 to +32767 and lower numbers mean higher priority compared to other services. What we&#39;re aiming at is lower numbers without going to extremes, something like what&#39;s shown below should work well:
      4. Change the "Priority" lines to:
         LocalPriority = 005 (5) - local names cache
         HostsPriority = 006 (6) - the HOSTS file
         DnsPriority = 007 (7) - DNS
         NetbtPriority = 008 (8) - NetBT name-resolution, including WINS
      5. Reboot for changes to take effect
   3. Windows 9x/ME
      1. The tweak is essentialy the same as in Windows 2000/XP, just the location in the Registry is slightly different. For a more detailed description see the Windows 2000/XP section above
      2. Open the Windows Registry using Regedit, and (after backing up) navigate to:
         HKEY_LOCAL_MACHINE&#092;System&#092;CurrentControlSet&#092;Services&#092;VxD&#092;MSTCP&#092;ServiceProvider
      3. You should see the following settings:
         Class=hex:08,00,00,00
         
         LocalPriority=hex:f3,01,00,00
         HostsPriority=hex:f4,01,00,00
         DnsPriority=hex:d0,07,00,00
         NetbtPriority=hex:d1,07,00,00
      4. The "priority" lines should be changed to:
         LocalPriority=hex:05,00,00,00
         HostsPriority=hex:06,00,00,00
         DnsPriority=hex:07,00,00,00
         NetbtPriority=hex:08,00,00,00
      5. Reboot for changes to take effect
3. System.ini IRQ Tweak - Windows 9x/ME ONLY
   1. Find your Network Card&#39;s IRQ
      1. In order to add the entry to your System.ini file, you&#39;d first have to find your NIC&#39;s IRQ
      2. Right-click on My Computer icon on your Desktop, then left-click on Properties (a shortcut for that would be to press the &#39;Windows&#39; + &#39;Pause&#39; keys). Navigate to Device Manager and double-click on Computer. Under "View Resources" you will find a list of IRQs, each with description of the device that&#39;s using it. Note the IRQ number used by your Network Adapter
   2. Adding the entry to System.ini
      1. Once you&#39;ve found the IRQ of your Network Card, you need to reserve some RAM for its use, by adding an entry to the System.ini file. You can edit the file in any text editor, however the easiest way is to use Windows&#39; built in "System Configuration Editor"
      2. Navigate to Start > Run and type sysedit . Find the [386enh] Section in the System.ini file and add Irq[n]=4096 under it, where [n] is the IRQ number of your NIC and 4096 is the amount of RAM you want to reserve in Kbytes. We recommend using 4096, however you can experiment with different values if you want. Save changes in the file, exit and reboot for changes to take effect.
         Note: If you choose to try different values, keep in mind that reserving too much RAM for your NIC will decrease the amount of RAM available for applications, while reserving too little might not give the desired effect
   3. Additional Thoughts
      1. The only negative effect of the System.ini IRQ tweak is that it will reduce the amount of RAM available for running applications a bit, by reserving some specifically for your Network Card&#39;s use. The gain in performance usually outweighs the negative effect by far, considering any Computer with 32Mb of RAM or more
      2. This tweak may or may not work for you. It is not a documented tweak by Windows
      3. Keep in mind that if you add hardware to your system the IRQ of the Network Adapter might change, in which case you will need to modify the setting in System.ini
      4. In systems with multiple NICs, you might want to add the setting for both IRQs. Also, you could reserve RAM for other IRQs if you wish, just use common sense and don&#39;t forget it reduces the amount of RAM available for running applications
      5. If you are using an USB device, it does not have a specific IRQ, however you can try adding the entry using the IRQ of the USB Controller
      6. For internal Cable Modems, you&#39;d have to add the entry using the IRQ of your modem, rather than the IRQ of a Network Card

RELATING POSTS: comming soon...

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.
updated

[nikita69]

HOW TO BLOCK ADS AND MAINTAIN THE SUPERTRICK (hosts file - example 3)
The most common way of detecting spam is by using spam databases (blacklists, sometimes incorrectly referred to as RBLs, since RBL is trademarked by MAPS) that list the addresses of mail servers known (or believed) to send spam. This is done by taking the IP address of the remote mail server, converting it to a domain name using the ip4r format (1.2.3.4 becomes 4.3.2.1.bl.example.com), and seeing if that name exists.

Below is a list of all known DNS-based spam databases (some links may be temporarley down or unresolved, please send me a PM with any:

1. Standard IP-based Spam Databases
   1. ABL - ”Arbitrary Blackhole List. No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   2. BGISOCBL - ”Bulgarian Spam Prevention System. Designed primarily to protect isoc.bg&#39;s members from receiving Bulgarian spam. Warning: Is not testable.”
   3. BGISOCWL - ”Bulgarian Spam Prevention System Whitelist. Designed primarily to protect isoc.bg&#39;s members from receiving Bulgarian spam; this is a WHITELIST, which lists &#39;good&#39; IPs. No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   4. BLARSBL - ”Confirmed that it is working on 24 Oct 2001. Has 15 different return values, indicating the reason for the listing (IE could be split up into as many as 12 tests). Includes interesting tests such as no abuse@ - address, and originating a DoS attack. Does not have TXT records. Warning: May contain a number of IPs that no longer are associated with spammers, and are now allocated to legitimate customers that can not be removed. May also blacklist entire ISPs.”
   5. BLITZEDALL - ”Combines the BLITZEDHTTP, BLITZEDSOCKS, BLITZEDWINGATE, BLITZEDCISCO, and BLITZEDPOST tests. Confirmed that it is working on 09 Apr 2002.”
   6. BLITZEDCISCO - ”Lists Cisco proxies. Assumed to be working on 20 Feb 2003 (since bitmask tests can&#39;t be tested).”
   7. BLITZEDHTTP - ”Lists open HTTP (CONNECT) proxies. Confirmed that it is working on 03 Feb 2002.”
   8. BLITZEDPOST - ”Lists open HTTP (POST) proxies. Assumed to be working on 20 Feb 2003 (since bitmask tests can&#39;t be tested).”
   9. BLITZEDSOCKS - ”Lists open SOCKS proxies. Confirmed that it is working on 03 Feb 2002.”
   10. BLITZEDWINGATE - ”Lists open wingate proxies. Confirmed that it is working on 03 Feb 2002.”
   11. BONDEDSENDER - ”A whitelist of E-mail senders that have posted a bond to help prove that their E-mail is legitimate.”
   12. BORDERWORLDSBL - ”A private spam database. Warning: Is not testable.”
   13. CBL - ”Lists IPs that send to large spamtraps, and are running open proxies, worms/viruses, trojan horses, etc. Confirmed 01 Aug 2003.”
   14. CHICKENBONER - ”Unknown, apparently no website. Warning: Is not testable.”
   15. CLUECENTRAL - ”Lists IPs in certain countries. Missing test entry 127.0.0.2. Confirmed 18 Jun 2002 Warning: Is not testable.”
   16. COMPU-PMO - ”Undocumented. Apparently lists "pm0.com" sources. Confirmed 10 Jan 2002. Warning: Is not testable.”
   17. CSMA - ”Lists IPs of mailservers that send spam twice in a short timeframe to the McFadden Associates mailservers. Confirmed 29 Sep 2003.”
   18. CSMA-SBL - ”Lists IPs of mailservers that send spam to the McFadden Associates mailservers, even once. More aggressive than the CSMA test, and best used with score-based anti-spam programs. Confirmed 20 - Oct 2003.”
   19. COMPU - ”Undocumented (but confirmed). &#39;Primarily for hosts which were not blocked by other blackhole sites and spammed compu.net&#39; according to one source.”
   20. DEADBEEF - ”Lists ISPs that have no way to report abuse. Confirmed 11 Mar 2003.”
   21. DNSRBL-DUN - ”Lists dialup lines (modems, DSL, cable). Warning: uses 127.0.0.1 as its test entry. Verified 19 Jun 2002.”
   22. DNSRBL-SPAM - ”Lists known spammers, based on E-mail sent to &#39;honey pot&#39; addresses. Warning: uses 127.0.0.1 as its test entry. Verified 19 Jun 2002.”
   23. DSBL - ”Distributed Sender Boycott List. This is a &#39;trusted&#39; portion of DSBL, that accepts submissions of open relays and any other unsecure servers that spammers can use to send spam. Confirmed on 28 Mar 2002.”
   24. DSBLALL - ”Distributed Sender Boycott List. This is the &#39;untrusted&#39; version (IE anyone can submit to it) of the DSBL database, which accepts submissions of open relays and any other unsecure servers that spammers can use to send spam. Note that it will likely contain some popular free mail services and the like, if their users maliciously submit entries. Confirmed on 05 Apr 2002.”
   25. DSBLMULTI - ”Distributed Sender Boycott List. This is a &#39;trusted&#39; portion of DSBL, that lists multi-hop relays from trusted sources. Confirmed on 09 Apr 2002.”
   26. DUINV - ”Lists IPs that belong to dialup connections. No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   27. DULRU - ”Apparently lists dialup lines in Russia (site is in Russian). No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   28. EASYNET-DNSBL - ”Lists direct spam sources, indirect spam sources (using open relays or other conduits to send spam), open proxy hits, Spamhaus SBL hits, opt-out mailers, and relay-probing sources. Click link for full - description. Confirmed that the zone and entries exist on Nov 26 2001. Was WIREHUB-DNSBL.”
   29. EASYNET-DYNA - ”Lists dynamic IP ranges (per /24, to attain maximum granularity and a minimum of false postives by probing several IP numbers in each /24 and examining PTR records). Confirmed 14 Dec 2001. Was WIREHUB-DYNA.”
   30. EASYNET-PROXIES - ”Lists both regular open proxies and trojaned servers with open proxy functionality. Was WIREHUB-PROXIES.”
   31. FABELSOURCES - ”Lists networks (mostly in Asia and South America) that keep sending spam. Confirmed on 23 Jan 2002.”
   32. FIVETENDUL - ”Lists spam sites before they get into DUL; includes some DSL IPs. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   33. FIVETENFREE - ”Lists mailservers used by free mail services that either have no abuse address address listed at abuse.net, or that ignore abuse complaints. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   34. FIVETENIGNORE - ”Lists IP ranges of companies that ignore spam complaints. Warning: May block large ISPs. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   35. FIVETENKLEZ - ”Lists mailservers that send AV notification responses to Klez and similar viruses that forge the return address. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   36. FIVETENMULTI - ”Lists multi-stage open relays. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   37. FIVETENOPTIN - ”Lists bulk mailers that don&#39;t use confirmed opt-in. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   38. FIVETENOTHER - ”Lists servers with &#39;other issues.&#39; NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   39. FIVETENSINGLE - ”Lists single-stage open relays. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   40. FIVETENSRC - ”Lists direct spam sources. WARNING: Lists entire Class B ranges if 1 IP sends them spam&#33; NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   41. FIVETENTCPA - ”Lists companies that violate the TCPA act, by leaving pre-recorded telephone sales calls or not maintaining a do-not-call list. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   42. FIVETENWEBFORM - ”Lists servers running vulnerable web scripts that can send spam. NOTE: If you are listed, you can find the address to get removed on their page (&#39;blackhole&#39.”
   43. FLOWGO - ”Unknown and undocumented, but operational (confirmed 24 Oct 2001). &#39;Lists FloNetwork systems&#39; according to one source. Flonetwork was apparently bought out by DoubleClick.”
   44. GIPPER - ”A listing of computers which are running an insecure HTTP proxy that allows arbitrary port connections. No TXT records, no 127.0.0.2 test entry. Warning: Is not testable.”
   45. GIRL - ”Gweep.ca Insecure Relay List. Lists open relays. No TXT records, no 127.0.0.2 test entry. Warning: Is not testable.”
   46. GRIP - ”Randomly lists random IPs. Obviously, this should not be used as a spam test. No TXT records, no 127.0.0.2 test entry. Warning: Is not testable.”
   47. HIL - ”Lists IPs of mailservers that infringe on Habeas&#39; intellectual property, and are unwilling or unable to rectify the situation in a timely matter. Note that it is not DNS-accessible yet; it requires that you connect directly to hil.habeas.com. No TXT records. Confirmed 30 Oct 2002. Warning: Is not testable.”
   48. HILLI - ”Undocumented.”
   49. HUL - ”Lists IPs of Habeas licensees. Used as a whitelist. Requires a license agreement to be filled out. Warning: Is not testable.”
   50. ICMFORBIDDEN - ”Lists IPs of companies that took ORBS to court. No TXT records, no 127.0.0.2 test entry. Warning: Is not testable.”
   51. INFORMATIONWAVE - ”Lists spammers. No TXT records, no 127.0.0.2 test entry. Warning: Is not testable.”
   52. INTERSIL - ”Undocumented (but confirmed).”
   53. IPWHOIS - ”Lists domains that have incorrect or otherwise bad information in their IP whois data. Note that this MAY have the same flaw as the BADWHOIS test and could list major portions of the Internet.”
   54. JAMMDNSBL - ”Currently undocumented. Returns 127.0.0.2 for spammers, .3 for open relays, .4 for insecure E-mail scripts, .5 for open proxies, and .6 for dynamic IP ranges. WARNING: Lists IP ranges for some entire countries.”
   55. KEMPTBL - ”Lists any mailserver that sends spam or E-mail with forged headers. You must contact them to use it. Warning: Is not testable.”
   56. KITHRUP - ”Unknown. Note the possibly odd &#39;0.0.0.0&#39; response that could break existing anti-spam programs.”
   57. KROPKA-IP - ”Lists static IPs, whole networks. Warning: Is not testable.”
   58. KROPKA-DIALUPS - ”Lists dialups and dynamic IPs. Warning: Is not testable.”
   59. KROPKA-RELAYS - ”Lists open relays. Warning: Is not testable.”
   60. KROPKA-PROXIES - ”Lists open proxies. Warning: Is not testable.”
   61. KROPKA-FORMS - ”Lists unsecured forms and subscriptions. Warning: Is not testable.”
   62. KROPKA-LAMEAV - ”Lists systems that send virus notifications to forged sender. Warning: Is not testable.”
   63. KUNDENSERVER - ”Run by a large web hosting company that tests mailservers that connect to it, to see if they are open relays. Lists the open relays for several weeks/months.”
   64. LBL - ”Has many different criteria for listing, such as companies that favor spam, spamware vendors.”
   65. LNSGBLOCK - ”Lists blocks of addresses that may contain spammers, but only if there are no reverse DNS entries. Confirmed test entry on 08 Jan 2002.”
   66. LNSGBULK - ”Lists bulk mailers that don&#39;t have confirmed opt-in, or that allow spam to be sent. Confirmed test entry on 08 Jan 2002.”
   67. LNSGDUL - ”Lists dialup lines (remember, DUL-type tests should NOT be run against local users). Confirmed that the zone exists on 30 Oct 2001, confirmed test entry on 08 Jan 2002.”
   68. LNSGMULTI - ”Lists multiple stage open relays that are not on other spam databases. Confirmed test entry on 08 Jan 2002.”
   69. LNSGOR - ”Lists single-stage open relays that are not on other spam databases. Confirmed test entry on 08 Jan 2002.”
   70. LNSGSRC - ”Lists spam sources (any mail server sending spam). Confirmed test entry on 08 Jan 2002.”
   71. MAILDEFLECTOR - ”A pay service that lists IPs based on spambait addresses and customer submissions. Customers can add/remove IP ranges and/or countries for their own use, using a simple checkbox list. &#036;150/year/server, 60 day free trial (free for non-profits/hobbyists). Warning: Is not testable.”
   72. MAPS-DUL - ”MAPS DUL (Dialup User List) was another very important ip4r DNS lookup, but since it now requires a subscription, other dialup tests may be used instead. It lists the IP addresses of lots of &#39;dialup lines&#39; -- the connections that individuals get when then dial into the Internet. Although lots of legitimate E-mail originates from dialup lines, legitimate users very rarely if ever send mail directly to the receiving SMTP server; they send mail to their ISP&#39;s mail server. Therefore, it is safe to say that if anyone listed in DUL connects to your mail server, they are not sending legitimate E-mail. We recommend using the DUL test. A pay service as of 7/31/2001. Warning: Is not testable.”
   73. MAPS-NML - ”MAPS NML (Non-confirming Mailing List) lists mail servers that send out mailing list E-mail for lists that do not confirm the subscriptions. Mailing lists that send E-mail without confirming will often end up sending spam, as people think it is a cute practical joke to add their friends to the list.A pay service. Unconfirmed. Warning: Is not testable.”
   74. MAPS-OPS - ”MAPS OPS (Open Proxy Stopper) lists computers that are running open proxies. A pay service. Unconfirmed. Warning: Is not testable.”
   75. MAPS-RBL - ”MAPS RBL (Realtime Blackhole List) was once the most important ip4r DNS lookup, but it is less used now that it requires a subscription. It lists networks known to be friendly or neutral to spammers. In most cases, it is very good about only listing mail servers that send out a lot of spam, and not simply open relays that get hijacked once and then are secured. Because of this, we recommend using the RBL test. A pay service as of 7/31/2001. Warning: Is not testable.”
   76. MAPS-RBLPLUS - ”MAPS RBL+ is a paid service that apparently combines RBL, RSS, DUL, and OPS into a single lookup. It appears that you can&#39;t test it without a subscription. Warning: Is not testable.”
   77. MAPS-RSS - ”MAPS RSS (Relay Spam Stopper) lists spam-relaying mail servers. These are open relays that have been known to send spam. They may well be legitimate mail servers that were open relays, and may be closed soon. However, they were open relays and did send spam. This is similar to RBL, except that the mail servers may be anti-spam and quick to fix the problem. In that case, you may be blocking legitimate mail until the problem is fixed. There is no grace period, so if the server is caught sending spam and is still an open relay, it will be listed immediately. In June, 2001 it contained about 100,000 mail servers&#33; A pay service as of 7/31/2001. Warning: Is not testable.”
   78. MITSUBISHI - ”A private spam database. You can perform a lookup at http://www.DNSstuff.com ”
   79. NERD - ”Lists IPs in certain countries. Missing test entry of 127.0.0.2. Confirmed 18 Jun 2002. Warning: Is not testable.”
   80. NETHERRELAYS - ”Lists mailservers that send to non-existent accounts at nether.net. Zone transfers requested for large use hosts.”
   81. NETHERUNSURE - ”Lists mailservers that cannot be tested. Zone transfers requested for large use hosts.”
   82. NJABL - ”Lists open relays and known spam sources. Test listing confirmed 07 Jan 2002.”
   83. NJABLDUL - ”Lists dialup lines and other dynamic IP ranges. NOTE: As with other dialup lists, you should NOT use this to scan mail from your users, if you are an ISP. Test listing confirmed 07 Jan 2002.”
   84. NJABLFORMMAIL - ”Lists servers with insecure formmail scripts. Test listing confirmed 29 Oct 2002.”
   85. NJABLMULTI - ”Lists multi-stage open relays. Will notify the appropriate NIC one week in advance of listing, to allow them to correct the problem. Test listing confirmed 29 Oct 2002.”
   86. NJABLPROXIES - ”Lists open proxy servers. Test listing confirmed 29 Oct 2002.”
   87. NJABLSOURCES - ”Lists spam sources. Will include commercial spammers, direct-to-mx, and proxies. IP ranges will be added only if they can be identified with the spammer. Test listing confirmed 29 Oct 2002.”
   88. NLKUNBLACKLIST - ”Documentation not in English. No TXT records, missing test entry of 127.0.0.2. Warning: Is not testable.”
   89. NLKUNWHITELIST - ”Documentation not in English. Apparently a whitelist. No TXT records, missing test entry of 127.0.0.2. Warning: Is not testable.”
   90. NOMOREFUNN - ”Undocumented. Will list dialup networks that send spam, and are outside Scandinavia. Lists IPs that send spam or attempt relaying. Also lists networks of Danish spammers. Confirmed 09 Apr 2002.”
   91. ORID - ”Designed to list mailservers sending spam, at the time they are sending it (not before or after).”
   92. ORDB - ”Open Relay Database. Lists open relays. Has corresponding TXT records. Had about 81,000 entries as of 7/23/01, hit 200,000 on 22 Jan 2002. Will notify servers when they get listed, and will automatically re-test periodically.”
   93. ORVEDB - ”Lists hosts that are verified as open relays. No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   94. PDL - ”Pan-Am Internet Services&#39; Dynamic List. Lists home dialup, broadband, and similar networks. No TXT records, missing 127.0.0.2 test entry. Warning: Is not testable.”
   95. POSTFIXGATE - ”A pay service with a list of mail servers that send spam. Includes TXT records. Verified Nov 28 2001. Warning: Is not testable.”
   96. RELAYWATCHER - ”RelayWatcher was designed to create a network of relay testers that report their results to a central server.”
   97. REYNOLDSOHPS - ”Reynolds Open HTTP Proxy Server Block List. Lists servers that have open web proxies that are being abused. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   98. REYNOLDSOMRS - ”Reynolds Open Multi-Level Relay Server Block List. [*Both ip4r and rhsbl*] Lists servers that are open multi-level relays and being abused. Unclear where the domains come from (RHSBL, reverse DNS, HELO, etc.). Also appears to list open proxies. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   99. REYNOLDSOSPS - ”Reynolds Open Socks Proxy Server Block List. [*Both ip4r and rhsbl*] Lists servers that have open socks proxies that are being abused. Unclear where the domains come from (RHSBL, reverse DNS, HELO, etc.). Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   100. REYNOLDSOSRS - ”Reynolds Open Single-level Relay Server Block List. [*Both ip4r and rhsbl*] Lists servers that are open relays and being abused. Unclear where the domains come from (RHSBL, reverse DNS, HELO, etc.). Also appears to list open proxies. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   101. REYNOLDSOWFS - ”Reynolds Open Web Form Server Block List. [*Both ip4r and rhsbl*] Lists servers with web form scripts that have been abused. Unclear where the domains come from (RHSBL, reverse DNS, HELO, etc.). Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   102. REYNOLDSOWPS - ”Reynolds Open Wingate Proxy Server Block List. Lists servers that have open wingates that are being abused. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   103. REYNOLDSRDTS - ”Reynolds Dialup/DSL Type Services Block List. Lists dialup, DSL, and other dynamic IP ranges. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   104. REYNOLDSRICN - ”Reynolds Incorrectly Configured Networks. Lists networks which appear to be incorrect configured. Includes networks with no/few reverse DNS entries, or lots of spam. Appears to list Class C ranges (dangerous&#33 rather than assigned network ranges. Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   105. REYNOLDSRMST - ”Reynolds Multiple Spam Traps Block List. [*Both ip4r and rhsbl*] Lists IPs/domains that send to spamtraps. Unclear where the domains come from (RHSBL, reverse DNS, HELO, etc.). Free for first 1,000 lookups per day. Confirmed on 24 Jan 2003.”
   106. REYNOLDST1 - ”Reynolds &#39;Type 1&#39; Block List. Lists servers that are listed in any of the other Reynolds lists. Free for first 1,000 lookups per day. Confirmed on 23 Jan 2003.”
   107. ROPE - ”Undocumented except in a mailing list. Apparently lists IPs sending spam to the person running rope.net. Confirmed 09 Apr 2002. No TXT records.”
   108. RSBL - ”Lists hosts that were verified a true and ostensible spammer activity. Warning: Will list legitimate mailservers that have no reverse DNS entry. No TXT records, missing test entry 127.0.0.2. Warning: Is not testable.”
   109. RSL - ”visi.com Relay Stop List (RSL) is a list of mail servers that have relayed spam recently.”
   110. SATOS - ”A personal blacklist, that lists IPs of spammers that send to the administrator of cluecentral.net. Warning: Is not testable.”
   111. SBBL - ”Lists IPs of mailservers that send to spambait addresses at they.com. IPs are automatically removed.”
   112. SBL - ”Spamhaus Block List. Lists &#39;known spammers, spam gangs or spam support services&#39;. Confirmed on 21 Mar 2002.”
   113. SCHULTE - ”Lists mailservers that the administrator of the schulte.org domain doesn&#39;t want to get mail from. No TXT records, missing 127.0.0.2 test entry. Warning: Is not testable.”
   114. SDERB - ”Scary Devil Enterprises Realtime Blocklist. Lists IPs of mailservers that have sent mail to bad addresses on SDE mailservers in the past 2 1/2 hours, that are not in several other spam databases. No TXT records, missing 127.0.0.2 test entry. Warning: Is not testable.”
   115. SENDERBASE - ”Keeps track of how much E-mail is being sent from IPs/domains, has information about many of them, and will soon have a DNS lookup service. Warning: Is not testable.”
   116. SERVICESNET - ”Lists all IPs in South Korea; see URL for details. Unconfirmed 28 Oct 2002 due to no 127.0.0.2 test entry. Warning: Is not testable.”
   117. SORBS-BLOCK - ”Spam and Open Relay Blocking System. This test lists networks that request never to be tested. Confirmed on 28 Aug 2003. Can also be used with the zone block.dnsbl.sorbs.net.”
   118. SORBS-DUL - ”Spam and Open Relay Blocking System. This test lists dynamic IP ranges. Confirmed on 28 Aug 2003. Can also be used with the zone dul.dnsbl.sorbs.net.”
   119. SORBS-HTTP - ”Spam and Open Relay Blocking System. This test lists Open HTTP Proxy servers. Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone http.dnsbl.sorbs.net.”
   120. SORBS-MISC - ”Spam and Open Relay Blocking System. This test lists open proxy servers not listed in the SORBS-HTTP or SORBS-SOCKS tests. Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone misc.dnsbl.sorbs.net.”
   121. SORBS-SMTP - ”Spam and Open Relay Blocking System. This test lists open relays. Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone smtp.dnsbl.sorbs.net.”
   122. SORBS-SOCKS - ”Spam and Open Relay Blocking System. This test lists Open SOCKS Proxy servers. Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone socks.dnsbl.sorbs.net.”
   123. SORBS-SPAM - ”Spam and Open Relay Blocking System. This test lists hosts that have sent spam to the admins of SORBS. Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone spam.dnsbl.sorbs.net.”
   124. SORBS-WEB - ”Spam and Open Relay Blocking System. This test lists web servers which have vulnerabilities that can be used by spammers (such as formmail scripts). Confirmed on 11 Dec 2002. May return multiple A records. Can also be used with the zone web.dnsbl.sorbs.net.”
   125. SORBS-ZOMBIE - ”Spam and Open Relay Blocking System. This test lists networks hijacked from their original owners, some of which are already spamming.. Confirmed on 12 May 2003. Can also be used with the zone zombie.dnsbl.sorbs.net.”
   126. SPAMBAG - ”Lists networks that send out spam, perform dictionary attacks, both the direct sources and the networks used by them (and networks used to sell software used by them). Warning: Will list large ISPs that tolerate spamming (IE Sprint). May return codes other than 127.0.0.2. Test listing confirmed 14 Dec 2001.”
   127. SPAMCOP - ”Lists mail servers that have a high spam-to-legitimate-mail ratio. Catches about the most spam of all tests. Donations are requested.”
   128. SPEWS - ”SPEWS is a list of areas on the Internet which several system administrators deny E-mail from. Warning: Intentionally lists legitimate mailservers that either have IPs close to spammers, or that had problems in the past that have been completely fixed. Should not be used to block mail, although could be used in a weighting system.”
   129. TECHNOVISION - ”Lists IPs of mailservers that have sent spam to the administrator of technovision.dk.”
   130. TRIUMF - ”Unconfirmable on 09 Apr 2002. Warning: Is not testable.”
   131. TUBERLIN - ”Unconfirmable on 09 Apr 2002. No documentation. Warning: Is not testable.”
   132. UCEB - ”A hardcore spam list; lists mailservers that have sent spam. Returns multiple A records. Confirmed 29 Oct 2002.”
   133. URBL - ”Lists every IP address (for the totally clueless: that means that every E-mail from anybody on the Internet will be blocked). Should not be used, of course. This one was included because it has a good point: you REALLY should know what and why a test blocks before using it. Confirmed 09 Apr 2002. Warning: Is not testable.”
   134. US - ”Lists IPs of about 20 different countries and many ISPs (one zone per country/ISP), including Verio. Confirmed 23 Aug 2002. Warning: Is not testable.”
   135. VOX - ”Lists IPs that phydiux.com and it&#39;s partners have received spam from. Confirmed on 23 Oct 2002.”
   136. WSFF - ”Unconfirmable on 09 Apr 2002. No documentation. Warning: Is not testable.”
   137. WYTNIJ - ”Looks like a valid spam database, but untestable (on 24 Mar 2002). Instruction appear to be in Polish, although it&#39;s a Tonga domain. Warning: Is not testable.”
   138. XBL - ”Extreme spam Blocking List, possibly designed to have every known IP listed. Warning: They include Sprint and uunet IPs, and will not remove non-spammers from the list. Can return 127.0.0.2 as well as the documented 127.0.0.4. Re-confirmed 21 Mar 2002.”
   139. YAMTA-SPAM - ”Lists IPs of spammers that have sent spam to the servers of the people that run this test. Confirmed on 30 Jun 2003.”
   140. YAMTA-PROBES - ”Lists IPs of spammers that probed the servers of the people that run this test, to see if they are running an open relay. Confirmed on 30 Jun 2003..”
   141. YBL - ”Lists all known Yahoo (and subsidiaries) netblocks, worldwide. Confirmed on 01 Jun 2002.”

RELATING POSTS: Comming Soon...

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.

[nikita69]

HOW TO STOP SPAM VIA WINDOWS MESSENGER SERVICE
Below you&#39;ll find many ways (sorted in the most successful ratio first) to stop the Windows Messenger service, depending on your system environment, some may require more than one process. This service is available only on NT, 2K, XP & Server 2003. Administrator Login is REQUIRED

About The Messenger Service

• Messenger is a Windows Service that runs in the background
• Messenger is not the same as MSN Messenger or any other Instant Messaging Program
• Messenger does not facilitate two-way chatting
• Many Windows Programs, Firewalls, UPS and Antiviruses require the Messenger Service
• Antivirus and UPS software, among others, may not work if Messenger is disabled
• The Messenger Service is usually turned on by default in most Windows NT, 2K and XP systems

1. MANUALLY
   1. (IMPORTANT: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 - Description of the Microsoft Windows Registry
   2. Example 1
      1. Click Start, Run and enter the following command:
         RunDll32 advpack.dll,LaunchINFSection %windir%&#092;inf&#092;msmsgs.inf,BLC.Remove
         NOTE: This will prevent a long delay when opening Outlook Express if you have the Contacts pane enabled
      2. To prevent this, click Start, Run and enter {REGEDIT} Go to:
         HKEY_LOCAL_MACHINE&#092;Software&#092;Microsoft&#092;Outlook Express
      3. Right click in the right pane and select New, Dword value
      4. Give it the name Hide Messenger Double click this new entry and set the value to 2
      5. End result should look EXACTLY like this:
         System Key: [HKEY_LOCAL_MACHINE&#092;SOFTWARE&#092;Microsoft&#092;Outlook Express]
         Value Name: Hide Messenger
         Data Type: REG_DWORD (DWORD Value)
         Value Data: (2 = remove messenger)
   3. Example 2
      1. Copy and paste the following to Run Command Bar in the Start Menu:
         RunDll32.exe advpack.dll,LaunchINFSection
         %windir%&#092;inf&#092;msmsgs.inf,BLC.Remove
   4. Example 3
      1. If Example 5 didn&#39;t work, then try this - Many users miss or don&#39;t know of it
      2. Click on Start then go to RUN and type:
         C:&#092;WINDOWS&#092;inf&#092;sysoc.inf
      3. Change:
         msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
      4. To:
         msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7
      5. Then use Add/Remove Windows Components to remove Messenger
         NOTE: You can also prevent access to Windows Messenger using Group Policy or the Set Program Access and Defaults utility added by default in Windows XP SP1 and Windows 2000 SP3
   5. Example 4
      1. Open Windows Messenger
      2. From the menu, select "Tools" then "Options" then "Preferences" tab
      3. Uncheck "Run this program when Windows starts"
      4. Open Outlook Express
      5. From the menu, select "Tools" then "Options" then "General" tab
      6. Uncheck the option to "Automatically log on", if it&#39;s there
      7. Also in Outlook Express, select "View" then "Layout"
      8. Uncheck the option to "display Contacts" - The program will open a connection and display a list of all Contacts on line if you do not
      9. In "Startup Folder" make sure there is no entry there for Messenger
      10. Open Norton Anti-Virus if you have it installed
      11. Click "Options" then "Instant Messenger"
      12. Unckeck "Windows Messenger (recommended"
          NOTE: This list ought to work in disassociate MSN from Outlook Express, so that it&#39;ll only start up if you really want it to
   6. Example 5
      1. 2000
         • Click Start-> Settings-> Control Panel-> Administrative Tools->Services
         • Scroll down and highlight "Messenger"
         • Right-click the highlighted line and choose Properties
         • Click the STOP button
         • Select Disable in the Startup Type scroll bar
         • Click OK
      2. XP Home
         • Click Start->Settings ->Control Panel
         • Click Performance and Maintenance
         • Click Administrative Tools
         • Double click Services
         • Scroll down and highlight "Messenger"
         • Right-click the highlighted line and choose Properties
         • Click the STOP button
         • Select Disable in the Startup Type scroll bar
         • Click OK
      3. XP Professional
         • Click Start->Settings ->Control Panel
         • Click Administrative Tools
         • Click Services
         • Double click Services
         • Scroll down and highlight "Messenger"
         • Right-click the highlighted line and choose Properties.
         • Click the STOP button.
         • Select Disable in the Startup Type scroll bar
         • Click OK
      4. Windows NT
         • Click Start ->Control Panel
         • Double Click Administrative Tools
         • Select Services-> Double-click on Messenger
         • In the Messenger Properties window, select Stop
         • Then choose Disable as the Startup Type
         • Click OK
         NOTE: If you stop the service and don’t adjust the startup type, the Messenger service will start automatically the next time you reboot. Keep in mind that when you disable the Messenger service, you&#39;ll no longer receive messages about an attached UPS, and you won’t be notified of print job completion, performance alerts, or antivirus activity (from Windows) not the program you&#39;re using for those purposes.
   7. Example 6
      1. To disable receipt of messenger pop-ups, verify that your firewall disables inbound traffic on UDP ports 135, 137, and 138, and TCP ports 135 and 139. On a system connected directly to the Internet, you should also disable inbound traffic on TCP port 445. If the system you want to protect is part of a Win2K-based network with Active Directory (AD), don&#39;t block incoming traffic on port 445 - Microsoft Knowledge Base Article - 330904
         NOTE: You can use the firewall approach only if your system doesn&#39;t communicate with legacy systems that rely on NetBIOS name resolution to locate machines and shared resources. If, for example, you let users running Windows 9x share your printer or scanner, when you disable inbound NetBIOS traffic, users won&#39;t be able to connect to these shared resources. Regardless of the method you choose, you can stop messenger spam
2. PROGRAMS
   1. Example 1
      1. Shoot the Messenger
         NOTE: On Oct 15, 2003, Microsoft releases Critical Security Bulletin MS03-043 warning users that the Windows Messenger Service running and exposed by default in all versions of Windows NT, 2000 and XP, contains a "Remote Code Execution" vulnerability that allows any not otherwise secured and protected Windows machine to be taken over and remotely compromised over the Internet
   2. Example 2
      1. Messenger Disable
         NOTE: If you choose to uninstall Windows Messenger on a system with SP1 installed, you will receive an error message about "un-registering" an OCX file. This is normal, and doest not affect the removal process. Windows Messenger will still be removed
   3. Example 3
      1. MessengerScan - a Windows based detection and analysis utility that can quickly and accurately identify Microsoft operating systems that are vulnerable to the messenger service buffer overflow released in the MS03-043 bulletin
3. TESTS
   1. Example 1
      1. Right-click "My Computer"
      2. Select "Manage"
      3. Under "System Tools" right-click on "Shared Folders"
      4. Choose "All Tasks" and select "Send Console Message..."
      5. If you recieve the following error message then the service has been disabled, otherwise confirm that you have disabled it or try another example
         "The following error occured while reading the list of sessions from Windows clients:
         Error 2114: The Server service is not started."
   2. Example 2
      1. Click Start then "Run"
      2. Type in {cmd.exe}
      3. Type in net send 127.0.0.1 hi
      4. If you get a popup "hi" message, then confirm that you have disabled it or try another example
4. IF YOU INSIST
   1. If you insist on keeping Windows Messenger, then I&#39;d recommend Messenger Manager - "Allows you to keep your messenger service running, as is intended and needed by Windows. This ensures that vital system errors and notifications may be sent informing you of Important System Events"
   2. However, as a replacement to Windows Messenger remote control feature, I&#39;d recommend this free tool Virtual Network Computing - "It is a remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don&#39;t even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home"

RELATING POSTS: comming soon...

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.
updated

[nikita69]

HOW TO TWEAK THE REGISTRY SETTINGS FOR MAXIMUM PROTECTION FROM NETWORK ATTACK

The following registry settings will help to increase the resistance of the NT or Windows 2000 network stack to network denial of service attacks. All of the TCP/IP parameters are registry values located under the registry key:

HKEY_LOCAL_MACHINE
&#092;SYSTEM
&#092;CurrentControlSet
&#092;Services:
&#092;Tcpip
&#092;Parameters
(IMPORTANT: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 - Description of the Microsoft Windows Registry

1. SynAttackProtect
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD
   3. Valid Range: 0, 1, 2
      0 (no synattack protection)
      1 (reduced retransmission retries and delayed RCE (route cache entry) creation if the TcpMaxHalfOpen and TcpMaxHalfOpenRetried settings are satisfied.)
      2 (in addition to 1 a delayed indication to Winsock is made.)
      Note: When the system finds itself under attack the following options on any socket can no longer be enabled : Scalable windows (RFC 1323) and per adapter configured TCP parameters (Initial RTT, window size). This is because when protection is functioning the route cache entry is not queried before the SYN-ACK is sent and the Winsock options are not available at this stage of the connection.
   4. Default: 0 (False)
   5. Recommendation: 2
   6. Description: Synattack protection involves reducing the amount of retransmissions for the SYN-ACKS, which will reduce the time for which resources have to remain allocated. The allocation of route cache entry resources is delayed until a connection is made. If synattackprotect = 2, then the connection indication to AFD is delayed until the three-way handshake is completed. Also note that the actions taken by the protection mechanism only occur if TcpMaxHalfOpen and TcpMaxHalfOpenRetried settings are exceeded
2. TcpMaxHalfOpen
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD—Number
   3. Valid Range: 100–0xFFFF
   4. Default: 100 (Professional, Server), 500 (advanced server)
   5. Recommendation: default
   6. Description: This parameter controls the number of connections in the SYN-RCVD state allowed before SYN-ATTACK protection begins to operate. If SynAttackProtect is set to 1, ensure that this value is lower than the AFD listen backlog on the port you want to protect(see Backlog Parameters for more information) . See the SynAttackProtect parameter for more details
3. TcpMaxHalfOpenRetried
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD—Number
   3. Valid Range: 80–0xFFFF
   4. Default: 80 (Professional, Server), 400 (Advanced Server)
   5. Recommendation: default
   6. Description: This parameter controls the number of connections in the SYN-RCVD state for which there has been at least one retransmission of the SYN sent, before SYN-ATTACK attack protection begins to operate. See the SynAttackProtect parameter for more details
4. EnablePMTUDiscovery
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD—Boolean
   3. Valid Range: 0, 1 (False, True)
   4. Default: 1 (True)
   5. Recommendation: 0
   6. Description: When this parameter is set to 1 (True) TCP attempts to discover the Maximum Transmission Unit (MTU or largest packet size) over the path to a remote host. By discovering the Path MTU and limiting TCP segments to this size, TCP can eliminate fragmentation at routers along the path that connect networks with different MTUs. Fragmentation adversely affects TCP throughput and network congestion. Setting this parameter to 0 causes an MTU of 576 bytes to be used for all connections that are not to hosts on the local subnet
5. NoNameReleaseOnDemand
   1. Key: Netbt&#092;Parameters
   2. Value Type: REG_DWORD—Boolean
   3. Valid Range: 0, 1 (False, True)
   4. Default: 0 (False)
   5. Recommendation: 1
   6. Description: This parameter determines whether the computer releases its NetBIOS name when it receives a name-release request from the network. It was added to allow the administrator to protect the machine against malicious name-release attacks
6. EnableDeadGWDetect
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD—Boolean
   3. Valid Range: 0, 1 (False, True)
   4. Default: 1 (True)
   5. Recommendation: 0
   6. Description: When this parameter is 1, TCP is allowed to perform dead-gateway detection. With this feature enabled, TCP may ask IP to change to a backup gateway if a number of connections are experiencing difficulty. Backup gateways may be defined in the Advanced section of the TCP/IP configuration dialog in the Network Control Panel. See the "Dead Gateway Detection" section in this paper for details
7. KeepAliveTime
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD—Time in milliseconds
   3. Valid Range: 1–0xFFFFFFFF
   4. Default: 7,200,000 (two hours)
   5. Recommendation: 300,000
   6. Description: The parameter controls how often TCP attempts to verify that an idle connection is still intact by sending a keep-alive packet. If the remote system is still reachable and functioning, it acknowledges the keep-alive transmission. Keep-alive packets are not sent by default. This feature may be enabled on a connection by an application
8. PerformRouterDiscovery
   1. Key: Tcpip&#092;Parameters&#092;Interfaces&#092;
   2. Value Type: REG_DWORD
   3. Valid Range: 0,1,2
      0 (disabled)
      1 (enabled)
      2 (enable only if DHCP sends the router discover option)
   4. Default: 2, DHCP-controlled but off by default.
   5. Recommendation: 0
   6. Description: This parameter controls whether Windows 2000 attempts to perform router discovery per RFC 1256 on a per-interface basis. See also SolicitationAddressBcast
9. EnableICMPRedirects
   1. Key: Tcpip&#092;Parameters
   2. Value Type: REG_DWORD
   3. Valid Range: 0, 1 (False, True)
   4. Default: 1 (True)
   5. Recommendation: 0 (False)
   6. Description: This parameter controls whether Windows 2000 will alter its route table in response to ICMP redirect messages that are sent to it by network devices such as a routers

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.
updated

[nikita69]

WHAT IS A WEB BASED PROXY?[list=1][*]First of all, let’s start out by defining what a proxy is. A proxy is a machine that is between an originating machine and a destination machine. As you (hopefully) already know, each and every machine on the web has its own unique IP (Internet Protocol) address, which is assigned by the ISP (Internet Service Provider). So, when someone is using a web based proxy, they are the origin. By using a proxy the user will mask their IP from sites that they are visiting, and thereby provide themselves with anonymity. Some proxies cache web pages, thereby increasing load speeds as the page is not downloaded every time it is viewed (they usually update at regular intervals).

• Example:
  
• As the above indicates, the destination will not see the user’s IP as the proxy machine is the machine logging into the destination, not the user’s machine.

[*]Authenticating A Proxy

1. Many of the proxies a user will come across will be outdated and dead. Thus, one needs to be able to bypass all the ‘dead’ proxies in order to save time. A program that is very useful for this is MultiProxy™.
2. Using MultiProxy a user can import a *.txt list of proxies that has been created and then proceed to “Check All Proxies” via the application. Once MultiProxy has completed its check, the user can delete all non-responding proxies, then export the revised proxy list out to a *.txt file to save for a backup if so desired. The remaining proxies should all have green circles next to them, thus indicating a functioning proxy. There is much more to this program, and perhaps I will write a future article on its finer functions.
3. Never rely on ONE program/site to check the anonimity of each proxy. Use several programs/sites, change the CGI script for more intensive and detailed testing. These tips require a topic of itself, of which I will create soon.

[*]Using a Proxy

1. Most applications that access the internet will have an option to use a proxy somewhere. Once you find it the rest is fairly self explanatory. The proxy’s address goes in the ‘Address’ bar and the port number goes in the ‘Port’ bar.
   When finding proxies on the web, most will be displayed in a manner similar to this:
   • IP : Port (without the space in between)
     123.456.789.100:8080
     And this is how it should appear in the application’s options:
     Address: 123.456.789.100
     Port: 8080

[*]How To Tell If A Proxy Is Anonymous

1. Note that not all proxies will facilitate the above. Those proxies are commonly known as “Transparent” proxies. This means that they forward some or all of the user’s information to the destination. When striving for anonymity it is important to ensure that you find proxies that are “Anonymous” or defined as “High Anonymity.” Also remember to test these for yourself. Check the test links posted HERE. Bear in mind, however, that even if no proxy is detected (meaning it’s an anonymous proxy), it may not be totally anonymous. Sites that run Java or Active/X Scripts can still see through proxies. With a simple code, that I will discuss later, using either VM or SVM
2. Chaining Proxies
   1. A method that allows for increased security is a technique called “chaining.” In this method there are multiple proxies between a user and a destination.
      • Example:
        
      • Proxies can be used in chains that are as short or as long as you would like. The generic syntax for chaining proxies is similar to this:
        • Address: 123.456.789.124:80 987.654.321.237
          Port: 8000
      • In the above, there are two proxy addresses and two port numbers.
        • Proxy one is 123.456.789.124 and the port that it is on is port 80
        • Proxy two is 987.654.321.237 and it is on port 8000
        • They are separated with a ‘space.’
   2. That is the most typical manner of importing proxies using windows based GUI applications as far as I have seen.
   3. Also, when chaining proxies, remember to pay attention to politics as connecting through countries with political tension will decrease the chance that the requesting government can get the logs within any reasonable time, and if they have to trace multiple hops a proxy may have already deleted its logs before they can get them. If this occurs, odds are, it will end their search.
   4. HowTo: Proxy Chain In Internet Explorer 6.0.29
      • Under Tools/Internet Options/Connections/LAN
      • Settings/Proxy Server
      • In the address bar, type <Proxy IP>:<Port> <Proxy
      • IP>:<Port>. Make sure you separate each pair with a space. And remember that the last port in the proxy chain string must go in the port box of the IE proxy settings..
        • Example using the following IPs:
          Address: 216.148.246.133
          Port: 8000
          Address: 128.32.56.100
          Port: 8000
          Address: 206.105.71.2
          Port: 80
      • Here&#39;s the method for IE (All versions) and probably Netscape:
        • Address: 216.148.246.133:8000 128.32.56.100:8000 206.105.71.2
          Port: 80
   5. Notes
      • Remember that setting a proxy in your web browser will only affect your web browser, nothing else. Each program that you wish to operate through a proxy must be set up individually.
      • From my experience, a user cannot input the proxy(s) and port(s) directly into the URL address bar. It has to be done through the options (this applies for at least Internet Explorer on Windows XP).
      • Normal proxies and SOCKS proxies are only compatible one way. Thus SOCKS proxies will work where one would input normal proxies, but not vice versa.
      • Many proxies that I have come across limit navigation to within certain sites. Others have filters on “questionable material.” Simply filter through them and find the good ones, don’t waste too much time trying to get one to work. There are plenty more.
      • Remember that laws regarding proxy use vary. Be sure to know the laws for where you are.

RELATING POSTS: comming soon...

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.

CREDIT/OTHER: <span style='color:green'>HERE</span>
new

[DL.]

Why don&#39;t you just provide the links to this material instead of cut and pasting it here?

http://www.google.ca/search?q=cache:tGo55J...&hl=en&ie=UTF-8

Under Tools/Internet Options/Connections/LAN Settings/Proxy Server
In the address bar, type <Proxy IP>:<Port> <Proxy IP>:<Port>. Make sure you seperate each pair with a space. And remember that the last port in the proxy chain string must go in the port box of the IE proxy settings..

Say I wanted to use the following IPs:

Address: 216.148.246.133
Port: 8000

Address: 128.32.56.100
Port: 8000

Address: 206.105.71.2
Port: 80

Here&#39;s the method for IE (All versions) and probably Netscape:

Give due credit to the author at least

[nikita69]

read above under credit/other.

[nikita69]

HOW TO SPEED-UP YOUR WEB SURFING

Continuing from example 1 & example 2 & example 3 & example 4:

1. IMPORTANT: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: 256986 - Description of the Microsoft Windows Registry
2. Name Resolution
   1. Understand exactly how Name Resolution works and what steps are taken to process your request - below is a simple explanation and HERE is a more detailed explanation
      1. NetBIOS Name Cache — A client first queries the local NetBIOS name cache. NetBIOS names and IP addresses are preloaded into the name cache when a #PRE entry for the names and IP addresses appears in the LMHOSTS file
      2. WINS Server — If the unresolved NetBIOS name isn’t found in the name cache, NT tries to locate that name using a WINS server.
         Broadcasts within an IP subnetwork — If the name cache and WINS server aren’t available or fail to produce a match, the client typically tries a broadcast to the other computers in the network
      3. LMHOSTS File(s) — If a broadcast fails to resolve the name and “Enable LMHOSTS Lookup” is checked, the client looks at the LMHOSTS file for the entries that weren’t preloaded into the NetBIOS name cache
      4. HOSTS File — If the LMHOSTS file search fails, the client then looks at the HOSTS file
      5. DNS Server — If “Enable DNS for Windows Resolution” is checked, the client queries the DNS server, which returns the IP address
         "Knowing the order of name resolution methods will help you optimize access to resources" - Microsoft
   2. Make sure that the value assigned to HOSTS is arithmetically lower than that for DNS and WINS
   3. Other registry to consider tweaking
      1. HKEY_LOCAL_MACHINE&#092;SYSTEM&#092;CurrentControlSet&#092;Services&#092;NetBT&#092;Parameters
      2. HKEY_LOCAL_MACHINE&#092;SYSTEM&#092;CurrentControlSet&#092;Services&#092;NBF&#092;Parameters
   4. Last but certainley not least, is adding the IP addresses of the sites you visit often. Remember, without this step, the query to identify/translate the name addresse you typed is initiated
   Note: AOL doesn&#39;t use the standard TCP/IP stack (at least not the last time I checked)
3. Quality of Service (QoS)
   1. QoS is an industry-wide initiative to provide preferential treatment to certain subsets of data, enabling that data to traverse the Internet or intranet with higher quality transmission service.
      QoS in Microsoft® Windows® operating systems is a collection of components that enable differentiation and management of higher quality data transmissions across the network - Quality of Service (QoS) & HERE
   2. Click Start, Run and enter {REGEDIT} Go to:
      HKEY_LOCAL_MACHINE&#092;SYSTEM&#092;CurrentControlSet&#092;Services&#092;Psched
   3. Right click in the right pane and select New, Dword value
   4. Create a new DWORD value called "AdapterLimit" Double click this new entry and set it to the percentage (in decimal) of bandwidth (0%) to reserve for QoS packets
   5. Restart Windows for the change to take effect
   6. End result should look EXACTLY like this:
      System Key: [HKEY_LOCAL_MACHINE&#092;SOFTWARE&#092;Policies&#092;Microsoft&#092;Windows&#092;Psched]
      Value Name: AdapterLimit
      Data Type: REG_DWORD (DWORD Value)
      Value Data: Decimal Percentage (default = 20)
   Note: You can change these values on each adapter you may have by following the same steps above in [HKEY_LOCAL_MACHINE&#092;SYSTEM&#092;CurrentControlSet&#092;Services&#092;Psched&#092;Parameters&#092;Adapters&#092;{Adpater-ID}], just rename the Value Name & and change the Value Data if needs to be.
   
   In conclusion, these tips may or may not work for you. It has for me, for many years and with the new addition of NetLimiter, believe it or not - some sites decline my connection "error-connection is too fast". Use with caution and always backup your registry before attempting any kind of change.
4. Helpfull Small Programs
   1. CIP - "Is the XPT&#39;s hosts file manager. It is by far the fastest, the most feature-rich, the most interactive and above all the most powerful product of its kind on the market today"
   2. www.freeproxy.ru&#092;download&#092;dns_resolver.exe]DNS RESOLVER[/url] - "This program resolves list of DNS names to IP addresses or lookups IP to DNS"
   3. FAST CACHE - "Is a caching DNS server that runs on your local machine and handles any DNS request that your computer makes, from Internet Explorer to your favorite FTP client. Once a query is made, FastCache will override the normal timeout for the item with one that you specify, so instead of saving a query for a couple of seconds, it can save it for a couple of days. Now every time you ask for it again while it&#39;s in the cache, it gives it to you instantly"
   4. FAST NET99 - "Is an advanced HOSTS file manager. It speeds up web surfing by using the Windows HOSTS file to cache IP addresses on your local machine. If the HOSTS file is created, your browser (and all other internet applications) will use it to lookup the DNS before contacting the remote DNS server of your ISP. Since the local lookup is faster, you ll save a few milliseconds with each request that can be resolved locally. FastNet99 can automatically check and update the IP addresses in the local HOSTS file, import your browser bookmarks from IE, Netscape and Opera as well as URLs from the browser cache. In addition, the program provides several useful internet utilities, all integrated with the rest of the features. They include an email checker, port scanner, tracereoute, popup killer, internet application launcher, IP Inspector and more"

RELATING POSTS: comming soon...

RESULTS WILL VARY
No matter how good your systems may be, they&#39;re only as effective as what you put into them.
new

[DL.]

CREDIT/OTHER: ALL TIPS WHERE COMPILED FROM POSTS ON THIS BOARD AND MY HUMBLE EXPERIENCE. IN ADDITION, THEY ARE BASED ON YOU USING THE LATEST SOFTWARE VERSION OF THE PROGRAM DISCUSSED

BULLSHIT&#33;&#33;

http://www.windowsitlibrary.com/Content/155/06/2.html

Name Resolution at a Glance
A client computer configured to use WINS, LMHOSTS files, a HOSTS file, and DNS follows this series of steps to resolve a NetBIOS name:
NetBIOS name cache — A client first queries the local NetBIOS name cache. NetBIOS names and IP addresses are preloaded into the name cache when a #PRE entry for the names and IP addresses appears in the LMHOSTS file.
WINS server — If the unresolved NetBIOS name isn’t found in the name cache, NT tries to locate that name using a WINS server.
Broadcasts within an IP subnetwork — If the name cache and WINS server aren’t available or fail to produce a match, the client typically tries a broadcast to the other computers in the network.
LMHOSTS file(s) — If a broadcast fails to resolve the name and “Enable LMHOSTS Lookup” is checked, the client looks at the LMHOSTS file for the entries that weren’t preloaded into the NetBIOS name cache.
HOSTS file — If the LMHOSTS file search fails, the client then looks at the HOSTS file.
DNS server — If “Enable DNS for Windows Resolution” is checked, the client queries the DNS server, which returns the IP address.
Knowing the order of name resolution methods will help you optimize access to resources. For example, because the NetBIOS name cache is queried first, you could consider using a #PRE entry in the LMHOSTS file to statically add the NetBIOS name and IP address of a computer you communicate with often. Similarly, using a WINS server from a local network or a network that has higher bandwidth will help you resolve NetBIOS over TCP/IP more quickly.

Host name resolution is a lot simpler. When an application needs to resolve a host name, the process is quite similar to that in Unix. The HOSTS file is referenced and if an IP address can’t be resolved from the HOSTS file, NT looks for help from a DNS server (if configured in the TCP/IP configuration parameters). As we explain later, DNS servers running on NT can be configured to use WINS servers. If WINS lookup is enabled, the DNS server tries to resolve the name from the WINS server and returns the IP address to the client.

Remarkable similarity don&#39;t you think?

[Princessgirls]

I tried installing the TWEAKUI tool that u mentioned. It said it needs to run from the control panel...I said OK. now I cant find it. Went to control panel. no sign of it. Tried installing again...got no-where.