DNS Server or HOSTS File?

Right now I'm using HostsMan to update my HOSTS file. I have considered using OpenDNS instead. Which one would block more bad sites? I also am upset with HostsMan because I've been trying to view comments on foxnews.com, but they won't show up unless I disable the HOSTS file, and I can't think of a way to find which sites blocked are responsible.

 

OpenDNS malware filtering is very crippled compared to ClearCloud and NortonDNS. It does have some other nice, but unessential features.

I prefer ClearCloud, because you can send them false postives, which they'll fix within hours.

 

Okay, a few issues both from my experience and as a general rule. A HOST file, while greatly helpful in blocking the malware domains known, is not so helpful against the new ones that pop up every day and vanish just as quick as they showed up. HOST files are always going to play catch up, even more so than every other security measure. DNS servers, especially the more known ones such as Norton, have a better success rate because they don't just use one long blacklist of known threats, but often have crawlers hopping around the net looking for trouble (if I'm wrong in how Norton does things, someone will correct me).

This allows them to keep up slightly better, though of course it's still a cat and mouse game. Another negative of HOST files is that they constantly need updates and looking after. With DNS servers, you do nothing, the provider does all the work. Now, the positives: HOST files not only keep you away from malware domains, they can make a fantastic ad blocker, which, these days, also can mean more malware blocking. HOST files are also easily edited in case something goes wrong, like your Fox comments issue.

Sometimes safe sites contain maybe a single link that leads to a drive-by download, but is also very avoidable. If the rest of the website is safe, and the HOST file blocks it anyway, you can head into the list and edit it. Not so with too many DNS server providers. Norton, ClearCloud, most of them are a pain when dealing with either a wrongly detected website or one that, again, has a single issue that is avoidable. With DNS server providers, you either have to work with the provider when reporting an FP, and, hopefully getting it fixed..and hopefully soon, or, most of the time, you're blocked out of the website and that is just that...and it's the reason I'm giving them up myself.

I BELIEVE OpenDNS has the ability to bypass the block (it's been a while for me), but they also don't seem to be all that great at blocking to begin with. So, there you have it basically. With a HOST file, your protection is limited to what is on the list, but you can change things. With a DNS provider, the protection is often greater, but you're at their mercy when something goes wrong.

 

I find that Hosts files slow my pc down too much after awhile.

Does anyone still use TreeWalk or is ClearCloud a better solution?

 

Considering you're using Firefox, you could use AdBlock Plus to block ads (also a great source for malware!) and ditch the HOSTS file. As for blocking malicious domains, either go for ClearCloud DNS or Norton DNS (there are others, but I don't know much about them). As already mentioned ClearCloud DNS allows to submit a false positive from within the block page and it's solved within hours.

 

If your main purpose is to block malware sites, try looking into either ClearCloud or Norton DNS. If malware blocking isn't your sole priority and you'd like to block other stuffs like adult content, etc, then you might want to consider OpenDNS FamilyShield. If you prefer more granularity and more options, maybe OpenDNS Basic would do the trick for you (but you've got to install OpenDNS Updater that works in the background).

You can still make use of your hosts file to block advertisements....for e.g. I have personally made use of it to block Google, MSN and Yahoo ads.

-http://www.raymond.cc/forum/tutorials/13257-block-google-msn-windows-live-and-yahoo-ads-using-hosts-file.html-

There are other 'lists' on the web that you can make use of but if you're going down the path of blocking ads on the web (leave aside the ethics, morality and legality issue that's often debated upon), you might as well use an ad-blocker for web browsers since they're automatically updated and are specifically designed for the task. Less work for you...and chances of 'FPs' are lower I guess.

And I think dw426 have done a decent job in explaining the main pros and cons (differences) of each method....not everyone can tell the story as it is without any bias/prejudice...

 

thx for info .. useful for me ...
all my ads are blocked by plugin except it doesnt block gmail ads

 

I love HostsMan and find using hosts a more flexible solution than DNS filtering.

You can just open the Hosts editor and search for 'foxnews' entires and disable them one by one until your comments show up. I suppose you could view the page with firefox & Noscript (with hosts disabled) and see which server is being blocked, then edit your hosts file accordingly.

To the people that find Hosts files slow their browsing - have you tried disabling the windows DNS service? Alternatively, the hosts list can be moved to your router, if you have custom firmware.

 

i used host files yet it doesnt block my ads ?

 

I think that would largely depend on your subscription - hphosts has an ad-blocking list, if that helps

 

DNS Server or HOSTS File?

I wouldn't use either of these 2. Why not just install Sandboxie? That way you can view bad sites without getting infected and you are not blocking yourself from half the internet and things like comments of fox news.

 

Another DNS service to consider is Comodo SecureDNS. So far, it has blocked malware, phishing, and prohibited material.

 

Who decides what comes under that class I wonder.

 

To check out which rule blocks your legal access sites, just go in Hostsman -> Tools -> HostsServer -> ControlPanel -> Start Server -> Now try to access your sites and then -> View Log.
it will show you which rule was fired, so you can easily remove the site from your hosts file. otoh, huge hosts files like these from hpHosts for example tend to have an impact on browsing & ping times, whatever the state of DNS Client.

 

+1.

 

OpenDNS IP's in the Router and customize the filter on opendns.com to block the stuff you don't want to see.
Have been working great many years for me.

 

Well I switched from a HOSTS file to ClearCloud's DNS server, and my internet actually seems slower than with the HOSTS file. Any reason why that could be?

 

could be based on ur location, like for me ClearCloud is slower than Norton DNS and OpenDNS

 

It's a little faster now. Whats really odd is that no matter what version I get. Chrome is always noticeably slower than Firefox, even though it's supposed to be the slowest, and Chrome the fastest.

 

DynDns is also a good option

 

+1

 

I use ClearCloud DNS. I stopped using a Hosts file years ago.

I also use Firefox with Adblock Plus (Malware Domains subsription).

 

Comodo decides what websites are prohibited, e.g., porn sites.

 

There was a hint of sarcasm there that I guess I failed to broadcast. A malware blocking DNS service should be for blocking malware. If it's going to block anything else, there should be options to turn it off.

 

But you use NoScript right (I saw the signature) ? You use it to block infections from the browser right?