Hmm. This is interesting. I haven't really paid much attention to hosts files for years. If memory serves I was using a hosts file provided by some site that updated it reguarly, and it was quite large. I remember (on dialup) that without the hosts file, things would chug along at a typical rate, and with a small one, the same, but with a large one (thousands of entries) things were really a lot slower. Toggle hosts off, speed normal, toggle hosts on, speed slow. But what I am reading here is that it might have changed on implementation or the hardware is just not phased by the larger size. I might have to check this out again. @Hungry Man, what router do you use? Are you using DDWRT or similar? Sul.
You tell me. These are the only pages I've seen it on so far. With most pages, there is no trace of the blocked ad, which would be my preference. Do you see it too?
I'll have to tell you later on, because I gave a try to sh0rtie's hosts file... and this one really is about quantity and not quality. Poorly maintained and simply useless... unless we don't mind setting exclusions for many stuff. sh0rtie's hosts file is to avoid, IMHO. Later on, I'll redo the hosts file (shame on me, I didn't save a backup ) only with the usual ones. I'll tell you what I see. If you got a decent amount of RAM, that you don't mind waste, you could install AdBlock Plus for Google Chrome. I got a strong guess it would hide such spots. Then again, I'm not really sure if Google Chrome extension API already allows to completely block communication with such ads, or if it simply hides them. Chrome's extensions aren't at the same Firefox level, yet.
Take a look at these links: http://adblockplus.org/blog/update-on-amo-s-performance-tests http://adblockplus.org/blog/new-round-of-amo-s-performance-tests-2011-04-16 http://adblockplus.org/blog/overview-for-mozilla-s-add-on-performance-measurements http://adblockplus.org/blog/overview-of-my-bug-reports-on-add-on-performance-measurements http://adblockplus.org/blog/on-fluctuations-in-performance-testing-results http://adblockplus.org/blog/how-reliable-are-mozilla-s-performance-measurements http://adblockplus.org/blog/some-more-details-on-mozilla-s-add-on-performance-measurements BTW, let me ask (again) everyone here who uses a modified HOSTS file: is the following quoted criticism still valid with any large HOSTS file? At least with MVP HOSTS, that I tested a while ago, it was.
@moonblood- Which B.I.S.S. link of these two are you using? 1.http://bluetack.co.uk/bims/blacklists/HOSTS.zip 2.http://bluetack.co.uk/config/HOSTS.zip ...or is it some other link?
None of them. I don't use a hosts file to block malicious domains, only ads. You can get B.I.S.S hosts file from here, though. -http://www.bluetack.co.uk/config/HOSTS.zip
Thanks, pretty interesting site. (freeware Booboost is something new to me ! and there is even lot more) The left side of my brain is actually there right now, while I write this post...
Bluetack was one place I used to get netblock lists from to use with a plugin for Outpost firewall. Good stuff there if you are into it. Sul.
Win XP-SP3 I have been using MVPS hosts file for several years. Updating by HostMan http://www.abelhadigital.com/ I had to disable DNS client because things were slow first time around. Not manual. Stopped and Disabled. Missing DNS client service causes NO slowdowns that I can see. File size is currently 575KB and contains over 16000 lines (of which some are my allowed mappings). I don't know what the definition of "large hosts file" is.
Hmm. Disabling the DNS client service, that was not something I did in the way back day, at least not for use with a HOSTS file. I did for other reasons, primarily letting Outpost handle DNS. That is interesting to learn it effects (or could effect) large HOSTS file performance. Learn something new everyday, and that was one of them for me Sul.
Kerio, Sunbelt, ZA, and Outpost handle it all with stride as they control who can use DNS servers for me. Some Windows systems require, in addition to UDP, TCP out to the DNS servers to maintain the connection that Windows just loves to close and the application has to, then, restart. I wonder if the note about cacheing was written in the prehistoric days, before broadband, where everythng took forever and cacheing was, or might have been, desireable. Perhaps it also matters that every local hop station (routers) on the way out to the wild web heads for the same DNS servers as well as the TCP/IP properties match, but I don't know.
I don't use one. Too much slow down due to the size of the ones currently available and too much potential for problems as IP addresses can change at any time.
I've had great success blocking ads by merging 4 lists in a hosts file, while managing them with HostsMan, and disabling the DNS Client service. So I know how well that works. Now, to give myself an option, and to test another method, I am trying Chrome's AdBlock extension, plus I've disabled the hosts file and restarted the DNS Client.
I guess you meant domains? If yes, then it's true. Hosts files that are updated once a month are useless in that regard (to block malicious domains). There are a few hosts files that are updated either daily or each two/three days. So, if anyone wants to use the hosts file to block malicious domains, I'd pick the following ones: * MDL; * Malware Patrol; For those wishing to also block access to SpyEye and ZeuS domains, could use these lists, in the hosts file format: * SpyEyE -https://spyeyetracker.abuse.ch/blocklist.php?download=hostfile * ZeuS -https://zeustracker.abuse.ch/blocklist.php?download=hostfile Those lists are daily maintained, and most likely quite often. I've read an article at the Brian Krebs blog that the cybercriminals behind those botnets even considered of hiring a hitman to kill the researcher behind these services. I guess the work of this researcher is effective? *edit* http://krebsonsecurity.com/2011/03/spyeye-zeus-users-target-tracker-sites/ You may also find other formats, including IPs.
That's such an irrational argument, and a silly reason not to use a HOSTS file. Malware can shut down antiviruses, and alter DNS settings. What's your point? Are you suggesting we don't use an antivirus or something like ClearCloud DNS? Staying up to date with MalwareDomainList's HOSTs file makes it difficult to visit known sites hosting malware, so it is a great preventative. I know the actual limitations, in that it obviously won't block sites that aren't in the HOSTS file. For me, it's a simple and quick thing to do with no perceptible performance loss.
Malware can't easily modify the host file anyway, that takes admin level. The reason trying to block malware with a host file doesn't work well is because malware is spread across so many different URL's and it' constantly moving (hourly) to new domains.
I use a combination of domain blocking from Clearcloud DNS and HOSTS (MVPS + MalwareDomainList in Hostsman), and IP blocking from Malwarebytes. Also use Adblock Plus with Malware Domains. It's pretty hard to collect malware samples with all that active, so from that I infer that the average user will find it hard to get themselves infected as well.
Not only that... By all means, do not, as an example, map www.wilderssecurity.com to its respective IP in the hosts file for faster access. Why? Because malware will easily modify the hosts file. Sully uses his hosts file for something other than blocking ads/malicious domains... Sully, please I BEG YOU, do not!!! Malware will hijack your hosts file. People, listen/read carefully!!! DELETE the hosts file from your operating system!!! This way malware won't hijack it!!! Oh wait... unless they simply create it... Oh wait again!! ... Windows XP and Windows Vista actually need to have these two entries in the hosts file: 127.0.0.1 localhost ::1 localhost Damn... I guess we're stuck with the hosts file, no? Why not put some use to it? Whatever use means. @ RJK3 I know your feeling, though. I've tried to explain the same views in the past...
I never thought of putting anything in my host file for faster access. Just did that to my top 3 sites (my local host file is blank except for default windows stuff anyways.) Chrome prefetches DNS anyway but whatever. Edit: Are there any host files that have a list of common sites? That way you could map a ton of sites to their IP addresses and have it consistently updated by the host.
By the way, sometime ago I came across a nice PowerShell script to manage the hosts file. The nice thing about it, is that you aren't restricted to only use files in the hosts file format, it can be anything. Link: -http://www.sans.org/windows-security/2010/09/14/hosts-file-block-domains/ -edit- You'd still need either to keep HostsMan/similar or manually remove some entry you'd like not to be blocked, though. It would be nice if the script could read from a file and remove the entries accordingly. I'm retrieving some of my PowerShell learning material I lost in my other laptop/hard drive. Maybe by Xmas I'll have it modified. lol
