What is really happening here is the use of a website and a little JavaScript. By use of 'Server Side' scripts and your Internet Browser allowing these scripts to be run, a virus/trojan horse is being uploaded to, and installed on, your computer. You don't have to download a file and double-click it to install the virus anymore; now your Internet Browser is doing the work for you.
Once installed, either the virus causes damage to your file system, or the trojan horse is loaded and runs on your computer (without your knowledge), acting as a remote access server, waiting to be connected to by malicious users who have the client-side software. Once a remote connection is made by the client (malicious user), then the remote client has a little bit of control of your computer. They may even have administrator rights. Administrator rights allow them complete control over your computer.
Another thing that might have happened is that an IRC bot may have been uploaded to your computer. These are also referred to as Ad Drones, Spam Bots, or Zombies. These bots run as a background process unknown to you. They log onto an IRC network such as DALnet, join several different channels and send the website address and an advertisement offering for you to see their girlfriend naked, yes, the same ones you see over and over: 'Come see my girlfriend naked at www.infectedwebsite.com,' or some such advertisement. Whatever the advertisement is, you can count on the website address not being legitimate, and serving no purpose except to upload these 'script kiddie' tools to your computer.
An Explanation about Server/Client Software
Earlier I referred to Trojan Horse, Server software, and then Client software. What exactly did I mean, some of you might be asking? OK, let me explain.
A trojan horse consists of two different software applications. One of these applications is what is called the 'Server software,' or simply the 'Server.' What a server does is, it runs on a computer, basically telling Client versions of the software that it is listening for them to ask for permission to make a connection.
Now the Client software, which is the part of the software used by the attacker, is used to seek out these listening servers and ask them for permission to establish a connection to the server computer. The client is usually set up to automatically produce a username and password (the correct username and password, might I add, since the attacker set all of this up). Once this process is completed and the client connects to the server, the attacker has certain access to your computer, and possibly administrative rights on the server computer. If he/she has administrative rights, then this person owns your computer.
So let me ask you a few questions. Are you going to go to any more of the advertised porno sites you see on IRC? Did you know there are a few simple ways to protect yourself from these advertisements? Would you like to know how to avoid getting one of the many viruses or trojan horses?
The easiest way to avoid this is not to go to the website that has been advertised. Don't go there AT ALL!
Another thing you can do on DALnet is use DALnet's command /mode yournick +R. This command prevents non-registered nicknames from sending you private messages, whether your nickname is registered or not. Here is a quick example of the use of this command.
Let's say my nickname is AttackerTarget. Once I log onto a DALnet server, I can type the following command, in any IRC window I have open (the first window I will have opened is the 'Status Window'):
/mode AttackerTarget +R
The 'R' must be a capital R. This simple step alone prevents 80-90% of all the spam, maybe more. We can even write a custom command, or an alias script, to make this an easier task, and even make it an automatic task during the process of logging onto a DALnet server. Let's make a simple alias script. For this script you will have to type the command manually each time you log onto DALnet. Below is the example. Type this once you are logged onto DALnet in your 'Status Window.'
/alias /moder /mode $me +R (and press enter).
Once you do this, you will see a reply similar to, Alias moder has been added. When you see this, you can now use the command, and to use the command all you have to do is type: /moder (and press enter).
Again, this is a really easy fix to rid yourself of 80-90% of the website advertisements.
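The automatic version mentioned above, as an added example that is not part of the original article: a mIRC remote script (Alt+R, "Remote" tab) that sets +R every time you connect to DALnet and then checks that the mode was actually applied. The alias name checkr and the timer name CheckR are made up for this example, and it assumes mIRC reports the network name as DALnet.

```mirc
; Added example, not from the original article.
; Runs on every successful server connection.
on *:CONNECT:{
  ; Only send the mode on DALnet, the network this article describes.
  if ($network == DALnet) {
    mode $me +R
    ; Give the server two seconds to answer, then verify the result.
    .timerCheckR 1 2 checkr
  }
}

; Hypothetical helper alias: report whether +R is in our current user modes.
alias checkr {
  ; isincs is the case-sensitive "is in" test. The R must be a capital R.
  if (R isincs $usermode) {
    echo -s *** +R is set. Unregistered nicknames cannot message you.
  }
  else {
    echo -s *** WARNING +R is NOT set. Type /mode $me +R in the Status Window.
  }
}
```

The warning branch matters when the server rejects or drops the mode change: without the check you would assume you are protected when you are not.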
Original Article by |nV|CTvS, Date 12/28/2003
Edited by dreambaby, Date 01/01/2004