Questions about Hosts file

Discussion in 'other security issues & news' started by aigle, Mar 2, 2007.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    What are the ways to protect the Hosts file while running in admin account?
    Also is there a host file blocklist/ adblocker that can be updated automatically?

    Thanks
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Hostsman (freeware)
    http://hostsman.abelhadigital.com/

    Features:

    - online update and auto-update of hosts file;
    - enable/disable usage of hosts file;
    - open Hosts file with one click;
    - merge two hosts files;
    - built-in hosts editor;
    - scan hosts for errors, duplicates and possible hijacks;
    - find how many host names;
    - easily install newly downloaded hosts file;
    - create encrypted backups of your hosts file;
    - resolve host names;
    - keep log of latest blocked sites;
    - exclusion list;
    - etc.

    I don't know what is included in the "etc." :)
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks, are u using it?
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes, because it PROTECTS me against visiting 'dangerous' websites and getting infected this way. It PREVENTS troubles, which is the best protection.
    Good support too.
     
  5. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands
    Do you mean: I click on a porn site, but lucky me Hosts file protected me?
    I guess not.

    Gerard
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Does it prevents adds too? Thanks
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    This software is based on blacklists and all blacklists have one thing in common : they are all INCOMPLETE.
    In other words, if the website isn't mentioned in the blacklist you will be able to visit it.
    IE-SPYAD is a similar software, but it works only for MSIE and is also based on a blacklist and also incomplete.
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    At this moment Hostsman has three blacklists :

    1. hpHosts
    2. MVPS Hosts
    3. Mike's Ad Blocking Hosts.

    You don't have to use all three, you can select the ones, you want.
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    So which one is best? I think MVPS?
    Is there any disadvantage of using two or all three by merging them?
     
  10. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,693
    Location:
    Texas
    Hi,

    Yes MVPs host file is very good! Hostman protection is that it makes the Host file 'read only'. Spysweeper, WinPatrol, ZoneAlarm, Micorsoft Anti-Spyware (what do they call it these days) & others I'm not aware of offer, an extra degree of protection, & notify the user if some nasty tries to alter the file. Spyblaster will make a copy of the file.

    Most likely combining lists will add many duplicate entries. You should consider adding 'SiteAdvisor', avoiding the red x, sites from searches will also help avoid the bad places, which is pretty much what hosts does.

    Take Care
    Rico
     
  11. KikiBibi

    KikiBibi Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    173
    MVPs Host file is the best.

    hpHosts is too aggresive blocking legitimate sites.

    Not many updates on host files so I use HostXpert to update manually every month.

    HostXpert: http://www.funkytoad.com/content/view/13/31/
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    MVPS is also the best IMO.
    Because internet is changing all the time, bad websites disappear or are added world-wide.
    So it will never be complete, which is common for all blacklists.

    I don't like blacklists, because they are based on what the bad guys do, which is the most incomplete, unreliable and unpredictable source to create an anti-dote. You don't run AFTER the bad guys and pick up their droppings, you run FASTER.

    Hostsman and IE-SPYAD are quiet tools and they PREVENT installation of malware and that is always better than removing malware, because you have to find it first.
     
    Last edited: Mar 7, 2007
  13. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,040
    Just wondering if you are using the beta version? Seems on their site they only offer the beta version and Snapfiles or Tucows offer 2.1.
    I am usually a bit wary of beta versions.o_O
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    You are very right about beta versions, they can't be trusted.
    I'm surprised that they offer only the beta version on the home page and not the previous version, not really smart IMHO.
    Or you wait until it's out of beta or your download Hostsman v2.1. :)
    I'm still using Hostsman v2.1
     
    Last edited: Mar 7, 2007
  15. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada

    Usually I hate using beta version too.:( But I have been using HostsMan beta since 10 days without a glitch so far.:)
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks for the input. I have few more Qs.

    1- Any slow down in surfing speed by using these Hosts file( I am on dial up so I am really concerned).
    2- Any anticipated conflicts especially with other security software/ bowsers etc?
    3- Any loss of functionality on my system that I should anticipate?
    4- If I tried to go to a site that was blocked by Hosts file. How I can know that site is blocked by Hosts file on my system and not y any other thing?
    4- Does MVP Hosts blocks ads as well?

    Thanks for any help.
     
  17. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,693
    Location:
    Texas
    Hi Agile,

    1. No
    2. None
    3. No
    4. It would say '127.0.0.1' when you try to go to a site in the Hosts list. You
    would be prevented from getting to the black listed site.
    4. Only the ads of the site you cannot go to.

    Also for more information see: http://mvps.org/winhelp2002/hostsfaq.htm

    Take Care
    Rico
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks Rico.
    Is it a good idea to merge MVPS and Mike,s Hosts?
    Or only one is good.
     
  19. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,693
    Location:
    Texas
    Hi Agile,

    I would not bother merging the two, many duplicate entries would exist.

    Protect the file minimum 'Hostman'
    If you have Spyblaster have it make a copy of hosts file
    See if any other apps will protect/notify (like ZA, SS, WP, MSAS etc.)

    Also very valuable 'siteadvisor' you will know what sites not to visit, when you do a search.

    Also previously mentioned very worthwhile (if you use IE) is IE-SpyAD.

    If you use IE then IE-Spyad+Spyblaster+MVPs Host your very well covered, as far as black lists go.

    I like to call this passive defense, no user decisions, or memory used to keep you safe. Well at least keep you away from the known nasty places.

    Take Care
    Rico
     
  20. herbalist

    herbalist Guest

    Aigle,
    You may find that a hosts file can speed up your connection at times. If the hosts file you choose includes the common banner ad servers, they won't be displayed on sites they're found on. By not wasting your bandwidth loading ads, the content you want to see loads faster. On dialup, the difference can be quite noticeable.

    Regarding how you can tell, the exact message you see will depend on what browser you use. Here's 2 links to screenshots of yahoo mail, one with and one without using a hosts file.
    No hosts file.
    With MVPS hosts file.
    When an ad or page it blocked, it's not always obvious what it's being blocked by if the blocking mechanism doesn't add a specific message identifying itself.
    For editing and maintaining a hosts file, I like Hosts Toggle. It makes it easy to switch between different hosts files, import new ones, back up existing ones, and manually edit them.
    Rick
     
  21. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    About the only functionality loss you may see is if you try to click the back arrow to view a previous page from the one you are currently viewing in your browser. You'll not be able to if there are any ads on the page you are going back to. One thing that partially cures this is by going back from the drop-down menu that shows your page history. That's what happens in IE7 anyway. It is very frustrating until you get the hang of it and realize what's going on. But even then it is still frustrating at times.
     
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,695
    Hello,

    I think the use of hosts file is the totally wrong approach to everything:

    Blacklisting instead of whitelisting.
    Crippling access to potentially needed / desired websites.
    False sense of security - either toward filtered or left out websites.
    Possible problems with DNS / scanners.
    Ability to locate problems within the hosts file when it contains a million entries.
    Outdated considering there are billions of websites.

    Mrk
     
  23. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,693
    Location:
    Texas
    Hi,

    Mrk - Then IeSpyAd, Spyblaster are also the wrong approach? Perhaps it is wrong, if its your one & only defense, or relied on too heavily. Host files & block lists, in general serve a valid purpose, as part of a 'multi-layered' defense.

    I just don't think myself or most user need something from sites, from a great list like MVPS. I'm sure anything on MVPS list can be obtained from a legitimate site.

    I've been using Hosts files for years & never encountered these problems. Note I'm not that lucky if a host file were to do this, trust me I'd be the first to have the problem. This problem is one that I've not seen in this or other forums.

    I'll assume you mean something included in the list, that you don't want in the list? Hostman & other host editors, have search functions.

    Sadly this is true. But there are more good sites than bad. Also MVPs host file is updated on a regular basis. If you add 'SiteAdvisor' you can eliminate many more bad places.

    So for the price of a host file, plus factoring it into a multi-layered defense, it can' hurt.




    acr1965 - I remember that 'back button' thing with BlueTacky host file. I've never encountered it using MVPs host file using IE6 or 7.

    Take Care
    Rico
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks Rico and herbalist( esp for snapshots).

    @src
    Now this loss of backward function is not good I think.
     
    Last edited: Mar 8, 2007
  25. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi Mrk!
    Can u explain your fourth point( DNS/ Scanners)?
    Also what u think of using Hosts file for ad-blocking rather than security?
     
Loading...
Thread Status:
Not open for further replies.