DNS Server or HOSTS File?

Discussion in 'other anti-malware software' started by Brandonn2010, Mar 1, 2011.

Thread Status:
Not open for further replies.
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Right now I'm using HostsMan to update my HOSTS file. I have considered using OpenDNS instead. Which one would block more bad sites? I also am upset with HostsMan because I've been trying to view comments on foxnews.com, but they won't show up unless I disable the HOSTS file, and I can't think of a way to find which sites blocked are responsible.
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    OpenDNS malware filtering is very crippled compared to ClearCloud and NortonDNS. It does have some other nice, but unessential features.

    I prefer ClearCloud, because you can send them false postives, which they'll fix within hours.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Okay, a few issues both from my experience and as a general rule. A HOST file, while greatly helpful in blocking the malware domains known, is not so helpful against the new ones that pop up every day and vanish just as quick as they showed up. HOST files are always going to play catch up, even more so than every other security measure. DNS servers, especially the more known ones such as Norton, have a better success rate because they don't just use one long blacklist of known threats, but often have crawlers hopping around the net looking for trouble (if I'm wrong in how Norton does things, someone will correct me).

    This allows them to keep up slightly better, though of course it's still a cat and mouse game. Another negative of HOST files is that they constantly need updates and looking after. With DNS servers, you do nothing, the provider does all the work. Now, the positives: HOST files not only keep you away from malware domains, they can make a fantastic ad blocker, which, these days, also can mean more malware blocking. HOST files are also easily edited in case something goes wrong, like your Fox comments issue.

    Sometimes safe sites contain maybe a single link that leads to a drive-by download, but is also very avoidable. If the rest of the website is safe, and the HOST file blocks it anyway, you can head into the list and edit it. Not so with too many DNS server providers. Norton, ClearCloud, most of them are a pain when dealing with either a wrongly detected website or one that, again, has a single issue that is avoidable. With DNS server providers, you either have to work with the provider when reporting an FP, and, hopefully getting it fixed..and hopefully soon, or, most of the time, you're blocked out of the website and that is just that...and it's the reason I'm giving them up myself.

    I BELIEVE OpenDNS has the ability to bypass the block (it's been a while for me), but they also don't seem to be all that great at blocking to begin with. So, there you have it basically. With a HOST file, your protection is limited to what is on the list, but you can change things. With a DNS provider, the protection is often greater, but you're at their mercy when something goes wrong.
     
  4. OuterLimits

    OuterLimits Registered Member

    Joined:
    Nov 13, 2009
    Posts:
    66
    I find that Hosts files slow my pc down too much after awhile.

    Does anyone still use TreeWalk or is ClearCloud a better solution?
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Considering you're using Firefox, you could use AdBlock Plus to block ads (also a great source for malware!) and ditch the HOSTS file. As for blocking malicious domains, either go for ClearCloud DNS or Norton DNS (there are others, but I don't know much about them). As already mentioned ClearCloud DNS allows to submit a false positive from within the block page and it's solved within hours.
     
  6. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    If your main purpose is to block malware sites, try looking into either ClearCloud or Norton DNS. If malware blocking isn't your sole priority and you'd like to block other stuffs like adult content, etc, then you might want to consider OpenDNS FamilyShield. If you prefer more granularity and more options, maybe OpenDNS Basic would do the trick for you (but you've got to install OpenDNS Updater that works in the background).

    You can still make use of your hosts file to block advertisements....for e.g. I have personally made use of it to block Google, MSN and Yahoo ads.

    -http://www.raymond.cc/forum/tutorials/13257-block-google-msn-windows-live-and-yahoo-ads-using-hosts-file.html-

    There are other 'lists' on the web that you can make use of but if you're going down the path of blocking ads on the web (leave aside the ethics, morality and legality issue that's often debated upon), you might as well use an ad-blocker for web browsers since they're automatically updated and are specifically designed for the task. Less work for you...and chances of 'FPs' are lower I guess.

    And I think dw426 have done a decent job in explaining the main pros and cons (differences) of each method....not everyone can tell the story as it is without any bias/prejudice...:thumb:
     
  7. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    thx for info .. useful for me ...
    all my ads are blocked by plugin except it doesnt block gmail ads
     
  8. redgrum

    redgrum Registered Member

    Joined:
    Nov 16, 2010
    Posts:
    50

    I love HostsMan and find using hosts a more flexible solution than DNS filtering.

    You can just open the Hosts editor and search for 'foxnews' entires and disable them one by one until your comments show up. I suppose you could view the page with firefox & Noscript (with hosts disabled) and see which server is being blocked, then edit your hosts file accordingly.

    To the people that find Hosts files slow their browsing - have you tried disabling the windows DNS service? Alternatively, the hosts list can be moved to your router, if you have custom firmware.
     
  9. Nevis

    Nevis Registered Member

    Joined:
    Aug 28, 2010
    Posts:
    786
    Location:
    255.255.255.255
    i used host files yet it doesnt block my ads ?
     
  10. redgrum

    redgrum Registered Member

    Joined:
    Nov 16, 2010
    Posts:
    50
    I think that would largely depend on your subscription - hphosts has an ad-blocking list, if that helps
     
  11. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    DNS Server or HOSTS File?

    I wouldn't use either of these 2. Why not just install Sandboxie? That way you can view bad sites without getting infected and you are not blocking yourself from half the internet and things like comments of fox news.
     
  12. IBadget

    IBadget Registered Member

    Joined:
    Jan 14, 2009
    Posts:
    59
    Location:
    Waipahu, HI
    Another DNS service to consider is Comodo SecureDNS. So far, it has blocked malware, phishing, and prohibited material.
     
  13. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    Who decides what comes under that class I wonder.
     
  14. DOSawaits

    DOSawaits Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    416
    Location:
    Belgium
    To check out which rule blocks your legal access sites, just go in Hostsman -> Tools -> HostsServer -> ControlPanel -> Start Server -> Now try to access your sites and then -> View Log.
    it will show you which rule was fired, so you can easily remove the site from your hosts file. otoh, huge hosts files like these from hpHosts for example tend to have an impact on browsing & ping times, whatever the state of DNS Client.
     
  15. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    +1. :thumb:
     
  16. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    OpenDNS IP's in the Router and customize the filter on opendns.com to block the stuff you don't want to see.
    Have been working great many years for me.
     
  17. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Well I switched from a HOSTS file to ClearCloud's DNS server, and my internet actually seems slower than with the HOSTS file. Any reason why that could be?
     
  18. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    could be based on ur location, like for me ClearCloud is slower than Norton DNS and OpenDNS
     
  19. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    It's a little faster now. Whats really odd is that no matter what version I get. Chrome is always noticeably slower than Firefox, even though it's supposed to be the slowest, and Chrome the fastest.
     
  20. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    520
    DynDns is also a good option:)
     
    Last edited: Mar 3, 2011
  21. carat

    carat Guest

    +1 :thumb:
     
  22. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I use ClearCloud DNS. I stopped using a Hosts file years ago.

    I also use Firefox with Adblock Plus (Malware Domains subsription).
     
  23. IBadget

    IBadget Registered Member

    Joined:
    Jan 14, 2009
    Posts:
    59
    Location:
    Waipahu, HI
    Comodo decides what websites are prohibited, e.g., porn sites.
     
  24. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    There was a hint of sarcasm there that I guess I failed to broadcast. A malware blocking DNS service should be for blocking malware. If it's going to block anything else, there should be options to turn it off.
     
  25. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    But you use NoScript right (I saw the signature) ? You use it to block infections from the browser right?
     
Loading...
Thread Status:
Not open for further replies.