security through hosts file needed?

hello, i use MSE + Comodo Free Firewall (with HIPS) and jsut read through this:
http://www.mvps.org/winhelp2002/hosts.htm

now is it rly needed to use such a hosts file? I already use adblock with firefox.. so ads arent rly a problem. The only usefull part of this hosts file i could think of, is that it also blocks malicious software trying to connect/send something.

But if you continue reading, then you will come to the part where it says that this big hosts file can slow down your pc. They provide a solution.. but thats not a real option for me.

So my question:
Is it needed to have such a host file altough i have MSE + Comodo FW + adblock (firefox) and worth the trubles with dns-client service?

Is there a hosts file (or ip list) which gets update frequently but only includes things like sites which try to damage you with exploits, malicious stuff ,... so no adware? (so this would means it maybe is a small hosts file then and wont slow down the pc)

Is it totally senseless?

Thanks

 

Whether you need a hosts file or not, well... the answer is really up to you, IMO. And, if you need to ask that question, then ,IMO, you don't feel secure with the current security setup you got there.

There are other things you can to help the system be safer and more secure, like tightening up the web browser, for example.

If you wish IP block lists (Does COMODO already support importing of lists?), you could use PeerBlock and make use of lists like these:

http://www.iblocklist.com/lists.php

But, considering what you wish, I'd pick these ones:

http://www.iblocklist.com/list.php?list=bt_spyware
http://www.iblocklist.com/list.php?list=bt_hijacked
http://www.iblocklist.com/list.php?list=bt_dshield
http://www.iblocklist.com/list.php?list=ynkdjqsjyfmilsgbogqf

There are more lists that I could provide, but not in PeerBlock's format. You'd have to convert them.

You try and make use of an alternate DNS service, like Sunbelt ClearCloud DNS, which will protect you against malware.

 

ye peerblock would be an alternative solution for the hosts file.. though i just didnt like to have another security program running

and i feel comfortable with my current situation.. i just wonder if such a modified hosts file would bring more security or if it is senseless anyway

and ye i also know that site.. but i would have to convert all the lists by hand for the hosts file which takes ages :S

 

IMHO it isn't. Since you're using AdblockPlus I suggest that you add the comprehensive Malware Domains subscription at the bottom of this site instead. It's updated daily and as good or better as any hosts file.

 

A hosts file allows to globally block access to malicious websites (excluding ads and trackers). Adblock Plus will block for Firefox.
So, how is it that it is "as good or better as any hosts file"?

I'm not debating whether or not a hosts file is needed. But, I'm wondering how would an Adblock Plus subscription be as good or better than a hosts file?

 

ye thinking the same.. a hosts file would propably be better.. on the other site.. every random program could open the hosts file and clear it? :S

MSE & Comodo wont "lock" the hosts file.

 

I totally agree with this.

Myth - "Special AntiSpyware Hosts Files are necessary to prevent Spyware infections."

Reality - "Using Special AntiSpyware Hosts Files are a waste of time and leads to a false sense of security.
Any Malware/Spyware can easily modify the Hosts File at will, even if it is set to Read-only.
It is impossible to "lock-down" a Hosts File unless you are running
as a limited user which makes using it in this case irrelevant anyway.
Various Malware/Spyware uses the Hosts File to redirect your Web Browser to other sites.
They can also redirect Windows to use a Hosts File that has nothing to do with the one you keep updating."

Large Hosts Files "cause Internet related slowdowns due to DNS Client Server Caching.
This negatively effects your browsing speed. AntiSpyware Hosts File authors irresponsibly recommend
disabling the DNS Client Service to solve this problem. This is not a solution.
The overall performance of the client computer decreases and
the network traffic for DNS queries increases if the DNS resolver cache is deactivated.
This effectively reduces Internet Performance for sites you have previously visited
and puts an unnecessary load on your ISP's DNS server."

Source

 

So? Since zakazak is using FF and AdblockPlus anyhow why not use this subscription?

See for details here.

 

It's not possible for a hosts file to keep up with these sites. These sites are very short lived and change faster than the malware itself. There's no way anyone could make a list of these sites that's anywhere near complete or up to date. Yes, you can block entire domains known to spread malware, and you're likely to block a lot of clean sites in the process.

The hosts file isn't really useful from a security point of view. I use it more as a junk blocker (ads, google junk, etc) and for address resolving on the more inportant sites (its intended purpose). Used this way, it can protect against methods of spoofing\tampering (can't think of the correct word this morning) with DNS as your PC checks the hosts file first.

Regarding the DNS service, I've had no problems from disabling it. Internet apps can do their own DNS resolving.

 

Not needed.

 

If read my previous post again, you'll see I wasn't debating the use or non-use of a hosts file. I merely was wondering how is it that block list that works for one browser be better than a block list that globally blocks access?

I wasn't really making a Adblock + subscription vs hosts file.

Anyway, I gave the suggestion to use an alternate DNS service like Sunbelt ClearCloud DNS which will block access to malicious domains.


Regards

 

Well, it's much easier to keep it updated if you run as LUA.

 

idk if Hosts are exactly needed for security, but if u want an easy to manage hosts program that will auto update multiple hosts lists for u and let u manage it easier (allowing certain hosts etc.) then u can try HostsMan, i used to use it and its quite a nice little program

http://www.abelhadigital.com/hostsman