Host Files vs. Restricted Sites

Discussion in 'other security issues & news' started by sflorack, Jan 18, 2005.

Thread Status:
Not open for further replies.
  1. sflorack

    sflorack Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    45
    I am interested in securing my computer from known troublemakers. I've been religiously updating both my restricted sites within IE via IE-SPYAD as well as a HOSTS file locally.

    Doesn't using the HOSTS file have the same affect as using IE-SPYAD? The only difference I could figure would be that the hosts file would be more inclusive, and not IE dependant as IE-SPYAD would be.

    Any help would be appreciated.
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    IE-SPYAD just places a very large number of sites in your Restricted Zone, where they will have less priviledges as to what they can do. You can still visit the sites and in most cases they will display as they should - though not always. The HOSTS file will protect you by directing you away from the listed sites so you never get to them in the first place.

    The trouble is you are only protected against specific sites, and they are but a fraction of possible bad sites. For this reason I don't bother with either of these things, I find it preferable to configure my browser settings for maximum safety, only lowering them when it is necessary on a trusted safe site.

    To get tips on how to configure I.E. look here:- http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm
     
  3. sflorack

    sflorack Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    45
    You do make valid points. It certainly is a balancing act between safety and useability (the document you refer to is extremely restrictive). I surf hundreds of new websites a week, so individually allowing certain websites into the good graces of my browser may be a little painful. I used to have all cookies turned off, and had to allow them one-by-one. I recently changed my settings to simply allow all first-party cookies, and deny all third-party cookies. With the relatively low hazard that cookies present, it certainly makes things easier.
     
  4. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    You can get more info on how the Hosts file works here:- http://www.bleepingcomputer.com/forums/index.php?showtutorial=51&
    The Hosts file can be used for good or evil. Trojans can use it to direct you to 'bad' sites everytime you click to go to Google (for example), equally it can be used to direct you to Google if you inadvertantly click to go to a 'bad' site. It depends how it is set up.

    The whole point of IE-SPYAD is that the authors realise many people simply don't want to be bothered to keep adjusting their browser settings all the time. It will at least protect them from the worst known sites. Maybe this approach is best for you.

    For me it is no problem, at its simplest all you have to do is push the slider in Internet Zone up to max while you are at unknown sites and then click 'default' for safe sites. There are some things that ideally should be done in the 'Advanced' tab (at the very least you should untick 'Enable Install On Demand' and untick 'Enable third party browser extentions'), but you don't have to change those settings again, unless you are installing a prog that requires the functions you have switched off. There are also a number of other things that can be done, but I won't go into that here.

    It is all a question of balancing function and convenience against safety. Some people say it is better to change browsers, but I have been quite safe with I.E. up to now so I don't find the need to.
     
  5. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Along with the fine comments and link Topper shared....you or any user for that matter....should be able to surf safely with IE if you so choose. If you continue using IE....I would suggest you consider adding SpywareBlaster as another layer of protection....if you are not already using it and in particular it's ActiveX protection. It also has Restricted Sites protection....but since you are an IE-Spyad user....I suggest you stick with that one as long as it's available.
     
  6. sflorack

    sflorack Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    45
    Many thanks for all the suggestions. I went ahead and made the changes to my system. I, too, feel pretty secure with IE. I haven't had any attacks to speak of, and I preform nightly virus and spyware scans.

    I will check out SpywareBlaster, but I currently have SpySweeper installed. Not sure what the differences really are (other than that I had to PAY for mine, hehe) but will check it out nonetheless.
     
  7. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    SpywareBlaster doesn't do anything active - it is not a scanner. You just install it, update it, and it will prevent certain known bad ActiveX from running on your machine. Use it in addition to Spy Sweeper.
     
  8. Ronin

    Ronin Guest

  9. Ronin

    Ronin Guest

    You are right of course. I was just curious.

    ALso if the overlaps happens to be 100%, then I wouldnt borther would I?
     
  10. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    the killbits of the spywareguide installed...that can never hurt cause these are just registry keys and once installed, it won't run. I don't know if they overlap but if it has got only two regblocks of spyware the other hasn't I would have installed it immediately.

    just my two cents...
     
Loading...
Thread Status:
Not open for further replies.