- [+]
- Community
- Sales Tracker
- Tools
- Counters
- Graphics
- Malls
- Guides
- Help/About
|
|
||
|
Sun, 17/05/2009 - 8:13am
 Welcome to the in-depth guide to avoiding cookie grabbers. This page has been generated from background information of how it works, reverse engineering of various neo CGs and 1st hand research. (plus losing 800k + trades along the way, but hey, it's priceless!!) [SHORT VERSION] For the in-depth version, please see http://www.neopets.com/~punchback_bob Get firefox here: http://www.mozilla.com/en-US/firefox/firefox.html?from=getfirefox Recommended Firefox Add-ons
"NOSCRIPT" This helps block malicious scripts from running. Don't forget to whitelist neopets.com and any other sites that you trust (like hotmail.com) (see attachment) FLASHBLOCK This allows you to selectively load adobe flash player objects. If you need flash to play games, simply click the arrow to enable that object. This is allowed since most browsers don't even come with flash. Do not whitelist neopets as one type of CG uses a redirection of http://images.neopets.com/flash_version_check_v1.swf? to steal cookies. KEYSCRAMBLER ADD-ON. For protection against key loggers (programs that record everything you type) It's no use changing your password if every key you press is being sent to the "hacker" ADBLOCK. It allows you to block ads... and other things (like CGs) See attachment for more info REQUESTPOLICY. RequestPolicy is an extension that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit.
Think you got CG'd? If you THINK you were CG'd, the first you should do is LOG OUT. Why? Because this invalidates the cookie that the "idiot" took. Try it yourself. Log into neo in another browser. You will see that you can browse neopets for a bit on both web browsers. Now click the log out button of one browser and see what happens. Contrary to popular belief, clearing cookies will do nothing for you. Just log out, get the keyscrambler add-on (if you can get it), and then log back in and THEN change your password
 Thanks for the heads up mean tree! Very good advice because I have some kind of awful virus/worm/trojan thing on my computer. The day I got infected I had only been to neopets, a few neohelp sites, and Cnn.com.  Ugh I still have nightmares about when I was CG'd  Ditto Nicole. Thanks for posting mean tree.  what in the world are TNT doing not fixing this??? its beyond my comprehension thanks for the tips, mean tree!  Thanks for the tips.  I think its truely horrible that this has been going on for about 9 months now? (maybe longer, who knows, but about 9 months since its been a huge problem)  I was oddly logged out once last week and I signed back on and immediately changed my password and made sure the email hadn't changed. I chance my word at least once a week and anytime I snipe something or any time I get that feeling in my gut. I tried NoScript is annoyed the tar out of me.  Thx for the tips mean tree. I didn't know you could get CG'd just by being on neopets o.0 *is more paranoid then ever*. Does anyone know any tips on how to stay safe on IE8? Quote:
Does anyone know any tips on how to stay safe on IE8? Umm. Switch to firefox? Sorry, I just really hate IE. =/
|
Stealth! - busy 
Likes (0)
Male
Location: Toronto, ON
Rating: + 23
RECENT UPDATES - March 11th, 2010
It appears that accounts that have not been logged in are getting broken into. Thus it is possible that the neopets DB could have been accessed, etc. Thus is it best to change this password every so often.
FAN SITES
make sure your neopets/email account password is DIFFERENT from the passwords you use at fan sites.
To block neopets ads, follow the instructions here:
http://www.neopets.com/~saudor#adblock
For tips on blocking XSS exploits, please scroll above.