Hi,

when opening www.gmx.net and typing netstat -epaoFc | grep seamonkey, these got called :
img.web.de
img.ui-portal.de
js.ui-portal.de
213.248.125.73
216.34.207.71
217.72.195.157
217.72.200.153
etc.
(seems random)

The only real ip for www.gmx.net is 217.72.204.254 (found with ping), the rest is for advertisements and statistics...

I use hosts files and I enter ips manually by looking at netstat.

There is a way to allow or block a range of ips, like :
iptables -I INPUT -m iprange --src-range 80.230.0.0-80.255.0.0 -j DROP

Do you have other tips and tricks ?
/etc/hosts.deny ?

Cheers

...for achieving what?

I use the NoScript and the Adblock Plus extensions for firefox and all is fine for me.

I dont use firefox.

so you said...
Those extensions are available for seamonkey too.

What you didn't say: to achieve what?
[edit] ...I know - its in the threads title...

I don't want to use extensions or other programs.
I will use /etc/hosts

By the way : do you know range of ips I should ban ?
Like dangerous ips, spamming ips etc ?

Well, then, you have sort of limited what "tricks and tips" other people can give you.

Feel free to give tips.
I feel free to use what I like.

What about banning a range of ips ?

Indeed - there is no such thing as spamming IP's or dangerous IP's - and if they are (dangerous,spamming...) today - they may not be tomorrow.
It is a never ending and tedious work not to use such extensions to the browser and still get the same result.

/tips

How often do they change ?

I noticed these come often for ads :
193.93.124. TELEFUN
207.36. affinity.com
212.129.63. TELEFUN
213.248.125. Akamai
80.231.197. Verisign
etc.

In /etc/hosts make those addresses point to 127.0.0.1 as in the examples shown here: http://www.mvps.org/winhelp2002/hosts.htm

Of course, this will be a labour of love as you'll have to do it manually every time you find one.

malware block lists..

* Dshield.org recommended block list (http://feeds.dshield.org/block.txt)
* EmergingThreats rules (many contain IP addresses): (http://www.emergingthreats.net/rules/)
* EmergingThreats RBN IP (http://doc.emergingthreats.net/pub/M...NetworkIPs.txt)
* Spamhaus Drop List (http://www.spamhaus.org/drop/drop.lasso)


http://www.adsblacklist.com/

Quite a few of the content filtering systems can block ad sites, for a minor subscription fee.
Easier for me to pay them for automatic updates than to try and maintain it myself.


You have Verisign in your list.. Verisign was not an advertising site last time I checked. they are a SSL Certificate provider

For instance I blocked 80.231.197.203 (verisign), is it a stats server ?

http://www.verisign.com/verisign-inc/index.html - I can't believe you haven't heard of the security certificate provider Verisign.

If I open www.myspace.com then 80.231.197.203 among others is called.

...so?
Why shouldn't verisign get called?
BTW:
I does not get called for me - which shows that you can - by going this way - very proably easily lock out legitimate sites and create problems instead of solving...what exactly? (never mind - don't answer that)