The best way to do it is to get all the zone information for ad company domains - doubleclick.net etc. - and edit your PC's host file so that their adserver hostnames all resolve to 127.0.0.1 or some other reserved IP.

It also has the side-effect of not seeing any ads.

and whitelist sites which I trust and feel deserve my support by showing adds for me to ignore. ;-)

I am not quite sure this is going to save you. Linux is one answer anyway.

...but none that I know of can consistently take care of layer ads yet. And yep, so far I have seen precious little mal-adware for anything other than Windows, so using a different OS helps a little. Of course, once the percentage of non-Windows users rises, they will also be targeted.

@ LaeMi Qian: I have seen tainted ads on otherwise perfectly good and trustworthy web sites -- the owner of the URL can't do much if the ad service is letting malware through without noticing. I once got the message "Your Windows computer is unsafe! Install XXXX (Yes) (cancel)" on the homepage of a renowned newspaper. And no, I was not running Windows...

the ad bolcker should save you

adblock for firefox has a list of the domains to block so the banners are never loaded

(obviously the white listing of sites will circumvent any protection he gets if he tells adblock (or which ever he uses) to load all content on the page and not just ads that are hosted by the website he is visiting)

Block the source domain IP's on the router firewall, if you have one.

I use a "default deny" stance. Nothing gets run from any site I don't explicitly trust. Ads are blocked, scripts, flash, anything. Adblock plus, with NoScript and CookieSafe just about take care of this for me.

http://www.ranum.com/security/computer_security/editorials/dumb/ was the article that influenced my security stance the most, and is well worth a read.

I second that. Got just that on Tom's Hardware the other day. I emailed 'em with my findings and got a nice reply back saying they'd identified the bit of scroteware concerned and blacklisted the ad company serving it until they could prove they'd got their house in order.

If all reputable sites behaved this way, the problem would disappear quicker than snow in the Sahara. The ad servers need to be forced to put controls in place to prevent this sort of thing and summarily severing their revenue streams is the only language they understand.

It would help here if the marketing idiots who sign contracts with ad servers would learn to insist on a clause to the effect that any misbehaviour would result in them getting turned off until they'd taken effective steps to remedy the situation rather than happily signing something that says something like: "We the bum-sucking ad servers reserve the right to roger you over the table repeatedly if you so much as dream of interfering in our access to your clients"......

About 4 years ago after Falk (?) got their servers hacked and started serving malware via banner ads, I started using a HOSTS file that came with Kazaa Lite

which alias out a ton of 3rd party cookie and ad servers.

I've since then added Flashblock and NoScript to Firefox ( after the Falk AG incident I stopped using MSIE as my "everyday" browser.

Now I only use IE for mainstream media sites and ones run by public sector agencies.

...Dumbest Ideas in Security...

Worth a read indeed! Thanks for posting that.

One aspect missed by your commentators so far (techies, bless 'em!) is the issue of liability. When some harm occurs (from as trivial as a family PC having to be rebuilt at, to them, great inconvenience and cost, upwards), who ought to provide compensation?

I have mailed a UK national newspaper about this in relation to something much more trivial (a button being transparently overlayed by an advert which thus took me to the site of a UK airline) and recieved a holding reply.

Is it the newspaper which is the end deliverer? The advertiser with whom they contract? And so on upstream. My take is that it OUGHT to be the site which I chose to visit, as I have no control over anything upstream (hence the issue in the first place).

I don't know where the law stands.

It's like showing up at the Queen's door in a Yugo.

What was the topic again? Ads? What ads? I haven't seen an ad in quite some time.

Get your hosts file from here:

http://www.mvps.org/winhelp2002/hosts.htm [Updated 01-03-08]

Then use Adblock+ and maybe Flashblock and NoScript.

"Of course, once the percentage of non-Windows users rises, they will also be targeted."

In reality people want to attack corporations and servers not home users, they want to attack the people who actually have the bigger market share than microsoft they want to atatck the countless Linux or Solaris systems out there, the fact is they can't, because they are inherently more secure by design. So they get hordes of insecure windows machines and just bombard the real computers out there with more traffic than they can handle to temporarily take them offline.

When you bring up your own website and you get "somethingnastyashell.exe is an executable what do you want to do with it?" and you realize this may have been going for a long time friends, family, coworkers, the great unwashed public, have been victimized by your site I took down the banner immediately but who knows how much damage was done it's very horrible. I have adsense now and I haven't seen any driveby goodies for two years but I always check there are people I know who won't visit my site still because they got the malware I don't blame them I am not sure I would trust me either.