There has been a hot debate going on in another thread, and there is one aspect that I'd like to see clarified.

It was stated that '127.0.0.1' should never be trusted.

Is this true ?

Does security software commonly trust '127.0.0.1', which is usually the same as the localhost as I understand ?

I've taken a look in my Spy Sweeper (version without antivirus), there it says under 'host file shield options':

Address: localhost ; IP Address in Hosts File: -blocked- ; Correct IP Address 127.0.0.1

I'm not quite sure what that means. Does it block IP adresses in the hosts file other than 127.0.0.1, or does it block 127.0.0.1 ?
In the past I have received some emails (with the Spy Sweeper giving real-time protection, but maybe it doesn't work for emails) with 127.0.0.1 at the bottom of the header, and the emails contained pictures, even though my Outlook Express does not display email in htlm. Couldn't that be dangerous ?

Just looking for some clarification.

Hello,
Why shouldn't you trust your own computer?
I really don't know what Spy Sweeper does or why - and the same for Outlook Express. I can only tell you that addresses 127.x.x.x are local. Thus anything coming from this address was generated by your own processes. So ...
Mrk

{QUOTE-> Hello,
Why shouldn't you trust your own computer?
I really don't know what Spy Sweeper does or why - and the same for Outlook Express. I can only tell you that addresses 127.x.x.x are local. Thus anything coming from this address was generated by your own processes. So ...
Mrk <-QUOTE}
I can add that 127.x.x.x not only local, but also virtual. This works without NDIS level, using just winsock.

Hello Fly,

this (http://www.mvps.org/winhelp2002/hosts.htm) may also help.

{QUOTE-> Hello Fly,

this (http://www.mvps.org/winhelp2002/hosts.htm) may also help. <-QUOTE}
Can these HOST softwares also clean the host file by checking each bad website, if it still exists or not ?
If the bad website doesn't exist anymore, it can be removed from the HOST file.
If the bad website still exists, nothing happens.

{QUOTE-> Can these HOST softwares also clean the host file by checking each bad website, if it still exists or not ?
If the bad website doesn't exist anymore, it can be removed from the HOST file.
If the bad website still exists, nothing happens. <-QUOTE}

I think that software itself can't check those websites but luckily hosts files are updated regularly (like MVPS).

{QUOTE-> I think that software itself can't check those websites but luckily hosts files are updated regularly (like MVPS). <-QUOTE}
It's hard for me to believe, that it is impossible for a program to check a list of websites, if they exist or not. A program language must have commands to do this. Besides MVPS is not the only one, Hostsman has more than MVPS, Bluetack, etc.
OK. It was just a theoretical idea. Thanks. :)

{QUOTE-> It's hard for me to believe, that it is impossible for a program to check a list of websites, if they exist or not. A program language must have commands to do this. Besides MVPS is not the only one, Hostsman has more than MVPS, Bluetack, etc.
OK. It was just a theoretical idea. Thanks. :) <-QUOTE}

You can't compare Hostsman to MVPS etc.
Hostsman is a hosts file manager but doesn't have a hostsfile itself.

Gerard

{QUOTE-> You can't compare Hostsman to MVPS etc.
Hostsman is a hosts file manager but doesn't have a hostsfile itself.

Gerard <-QUOTE}
Forget about it, you don't seem to understand what I'm talking about and yes, Hostsman is not MVPS. I worked with both in the past. :)

{QUOTE-> I can add that 127.x.x.x not only local, but also virtual. This works without NDIS level, using just winsock. <-QUOTE}

Hi.

Well, maybe I'm on to something ...

Can you explain a bit more about this ? (virtual and winsock?)

I just have an old AMD Athlon XP 2800+ processor, windows xp, and no virtualization software that I know of.

And yet I've received some spam emails, containing pictures, html disabled, 127.0.0.1 at the bottom of the header.

(And I've read some stuff about the hosts file, I know how to use the hosts file to block things, but it's a bit too technical for me to really understand it.)

{QUOTE-> Besides MVPS is not the only one, Hostsman has more than MVPS <-QUOTE}
Sorry, I have misread this.
{QUOTE-> Forget about it, you don't seem to understand what I'm talking about <-QUOTE}
Thanks for being so understandable.
{QUOTE-> and yes, Hostsman is not MVPS. <-QUOTE}
Glad you know that as well
{QUOTE-> I worked with both in the past. :) <-QUOTE}
Worked? What work is there to be done?

Gerard

{QUOTE->
(And I've read some stuff about the hosts file, I know how to use the hosts file to block things, but it's a bit too technical for me to really understand it.) <-QUOTE}

In simplest terms, as quoted from the link:

{QUOTE-> What it does ...
The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local machine. <-QUOTE}

The "local machine" being your machine's ip address 127.0.0.1. If you try opening one of those blacklisted sites, your host file simply slams it right into your machines address, which, of course, leads to nowhere. Otherwise if it's not in the hosts file, then it gets resolved to the proper ip address via dns, and you connect to the site.

127.0.0.1 = loopback = your pc

more info:
http://what-is-what.com/what_is/127.0.0.1.html

{QUOTE-> It's hard for me to believe, that it is impossible for a program to check a list of websites, if they exist or not. A program language must have commands to do this. Besides MVPS is not the only one, Hostsman has more than MVPS, Bluetack, etc.
OK. It was just a theoretical idea. Thanks. :) <-QUOTE}
It's as simple as sending an HTTP request and checking what it returns. 8)

{QUOTE-> It's hard for me to believe, that it is impossible for a program to check a list of websites, if they exist or not. A program language must have commands to do this. Besides MVPS is not the only one, Hostsman has more than MVPS, Bluetack, etc.
OK. It was just a theoretical idea. Thanks. :) <-QUOTE}

Hello,
What do you mean by exists or not?
Does it have a zone record? Or is it active, expired etc?
Or if there's any content on the asked-for address?
Mrk

{QUOTE-> It's hard for me to believe, that it is impossible for a program to check a list of websites, if they exist or not. <-QUOTE}


I'd like to see a few features added to Hostsman or a similar util:

1) Site checking to prune dead hosts

2) browser integration, so you can add a site to the HOSTS file by right clicking

3) HOSTS hit logging so the manager can prune the sites that are never or rarely linked. The most frequently hit sites can be moved to the top of the list as well, although any performance gain would be negligible.

{QUOTE-> It's as simple as sending an HTTP request and checking what it returns. 8) <-QUOTE}

AM Deadlink does this for all your bookmarks. If the people who compile the hosts lists have these sites saved in bookmarks then Deadlink would report whether they are still active or not.

Nice bit of freeware imo.

From their site...

AM-DeadLink detects dead links and duplicates in browser bookmarks and text files.

Ahem! Mi-mi-mi! "Be it ever so humble, there's no place like 127.0.0.1" ;D