Recommend DNS services to fight against malware

When it comes from someone who says firewalls are suppose to prevent malware infections... Well... The author also mentions that

I guess this person would consider Windows Vista and 7 own firewall protection a meaningless security feature?

But, then again, in this guide it is mentioned

Oh... wait... [url="http://home.comcast.net/~supportcd/XPMyths.html#Security]here[/url] it's stated

I don't understand... he advises Windows XP Firewall because of that, but then also mentions ZoneAlarm. If Windows XP is enough because outbound filtering is a myth, then why suggesting ZoneAlarm for the "Advanced users"?

He also seems to lack knowledge about tools like SuRun, which will smooth, a lot, Windows XP LUA experience.

I doubt that many of these users that seem to be targeted would be messing with their Windows XP, to be needing admin. rights.

So, a LUA would be fine for them, and make use of SuRun to elevate apps. when needed.

If some game in XP needs admin. rights and, for whatever reason, it fails to run with SuRun, then why not advise these people to have one spare administrator account just for the games, for example?

But, I sincerely do not expect much from a person like you, who mocks of people's English, when these people are not even native speakers; and, your reaction towards user justenough shows it all; it shows your true colors.

Rather than commenting back to my reply to what that author mentions, as you showed in your post, you prefer to pick rudeness.

It fits you well; wear it.

 

Before you end up fighting I would suggest you do a Google search for this dude. He is very famous, like from being banned on just about every tech forum using various user names. Troll de luxe and I am not kidding. One of the top 3 I have ever come across. I do believe he started out in newsgroups but moved on to forums. Moderators never knew what happened, he is way ahead. Correct that he also know about computers, "likely" to have worked within the field but be careful what you read. He is mostly known for his Firefox myth site which is hilarious. Actually years ago some made a complete duplicate of that site, mocking him to death. I wonder if it is still up. Starting to debate his logic and campaigns, not to mention credibility is just wrong, internet must have better info? or entertainment...

I think I should add not that it is not any of my business and carry on Memories made this post possible...

 

One last remark/question: Have I replied to that comment?

No, I have replied to a completely nonsense post from you, quoting some other person, who apparently you have under such great consideration, and who seems to have problems everywhere the guy goes.

I have argued that a hosts file, be it to block ads or malicious domains (what ever situation fits best X person) WON'T make these people's systems any more vulnerable than they would already be!

It also won't make nothing slower, IF the hosts file is not too large OR if the DNS Client is disabled, IF such large hosts file is used. And, by large I mean really large.

Having DNS Client disabled or not, it will depend on what the user does with the system. For example, if X person uses a laptop and makes use of those hot-spots, DNS Client is needed!

Obviously, it is up to the X person to decide what best fits her/his needs, and what can or cannot be disabled.

Whether or not the use of a hosts file is needed to block malicious domains, that NEVER was my debate.

If I consider a hosts file to be a waste of time to block ads? That will depend whether or not X person likes having extensions or using a third-party application, or if X person uses more than one browser, and having to keep lists for each browser updated would be a way more real waste of time. Using a hosts file to block ads, will allow such X person to block ads to every web browser, rather than just one or having to keep different lists updated for every browser.

That was MY only debate since the beginning.

End of conversation.

-EDIT-

As an example of what IS NOT a large hosts file and WILL NOT slow anything down I can give the entries applied by Spybot - Search & Destroy, which if memory serves me well, since last time I installed it in a virtual machine, it was a bit more than 14000 entries.

With DNS Client enabled and no problems, ever. I had a relative who always had Spybot, using XP.

 

Yes, I agree. It would be more interesting if you could spend your spare free time searching for more of those authors. That's some time worthwhile spending

I still am trying to figure out why you did not reply to my two posts, explaining why you consider what you consider, without backing it up using some flawed crap, but that's up to you.

You want others to believe you got it all, what you say is the master word/thought; that's OK.

Fortunately, I believe any user coming here is free of thinking and understand what he/she needs. Yes, it does matter! What is doesn't matter are your empty replied comments.

If that's all you can do, don't bother. You don't agree, then agree to disagree, and don't make it sound like you're the master of all knowledge.

But, do not ever assume to know what I know/what I think about something, and don't try to make others believe I said something when I did not.

I've always been direct in what I meant, and I explained my views. You, on the other hand, did the opposite. I guess you just don't want to see it

And, something is bothering me...

You say "Enough with the Generalities", but I guess is OK to bring one single individuality.

Yes, user DOSawaits considers what he/she considers about the use of a hosts file. I'd say he/she has that right, but that won't make it be "Generalities", will it?

Of course, I'm the sneaky one... Whatever pleases you...

 

Mr. PC your last 2 posts are nothing other than digs at m00nbl00d. You didn't even debate against the points he brought up in post #154.

You do realize responding with digs at a person doesn't make their arguments any less valid, right? Infact it only shows you have nothing to respond with

 

In fact, some guys have so much free time to...around while others sacrifice Time from their Work to be here!
BTW, I have nothing to respond to someone who writes 'one single individuality'.
If you search about him and the way he responded to other posts, you will realize that the guy cannot read English.
The more you try to explain things to him, the more difficult communication becomes. I tried once...Never again!
Even Freshmen know what is written in the article.
Is it the 1st time you see that?


P.S.: I erased my Posts so that you feel comfortable. Happy?
I guess others can be Rude, I can't...

 

I admire people that use their free time to teach others (including me) about security methods and the issues around them, infact, I admire anyone willing to teach anything on this forum. I admire m00nbl00d for bringing up good points (even after debating the effectiveness of a hosts file against ads, a debate which he won). I'd also admire anyone that would bring up counter points and prove him wrong, as the rest of us would then learn from that. I don't think anyone on this forum knows everything there is to know.

I don't admire people that just outright bash others.

I don't think happyness would come into it but it shows you're a nicer person than your posts were telling us.

I think this would be a good point to get back on topic.

 

I tried out Norton DNS and I think it's really good. As a OpenDNS user I found Norton's DNS protection to be filtering more bad sites in comparison to OpenDNS (just my experience). I tried it with a lot of dangerous sites I know of and also some random baddies -- they were blocked.

I think these DNS based protections are really good for setting up on computers of those that are less computer savvy. I definitely recommend Norton DNS.

 

can't we all get along?

anyway, my experience with Norton DNS has been positive.
it caught a few bad guys and it doesn't slow down my browsing.
in fact, i think Norton DNS might have made my browsing a tad faster...
and it does not use any system resource.

small is beautiful!

 

This was also my experience.

 

Was this the case? Is it all you got?

Read the Info and try to understand Basic Principles others don't.
DOSawaits understood, because he experienced what is described by the Author.

 

Would be interesting to get some info on how effective OpenDNS works AFTER you have paid for malware protection. Way too costly for private users. If baddies are from the typical malware lists OpenDNS does zero, not included in what you did not pay for

 

Why exactly are you linking me to a website I've never seen mentioned in my life, that strictly states Windows XP myths. When I've already stated I use Windows 7 with a hosts file, the DNS service enabled, and no slowdowns?

I also have to laugh at the part which suggests Windows is unsecure due to it having more vulnerabilities found.

I said I respect people that educate me, not people that lead with misinformation.

 

Here is one more flawed statement by that author. I don't know how I missed it before.

Note: The emphasis was done by me.

You cannot map an IP to 127.0.0.1, only domains. So, how is that mapping xyz domain to 127.0.0.1, will make impossible to access other good domains?

Yeah... I guess the author really knows it...

There are great security experts I follow and with whom I learnt and still learn a lot, but this is not one of them!

The guy has no bloody idea what he's talking about!

Isn't that clear enough by now? I don't know what is, then.

 

Agree wholeheartedly

 

Good catch there m00nbl000d. I admit some of the myths there hold merit. But some are unture and many are simply outdated in todays world of Windows 7. A perfect example of this is the defragmenter. Windows 7's defragmenter, much like it's firewall, is now good enough for use.

 

Well as you can see by my AV choice, you can tell what I think of paying for malware protection. Especially when the free ones are just as good, if not better.

 

I agree, and apologize for the deviation. I just felt like I had something more to explain, because has seen many stuff about what it mentioned, at least regarding a hosts file, aren't accurate, at all.

Anyway, enough with it.

 

Does not really matter because OpenDNS with malware protection is not a realistic option but still could be interesting if an IT-dude from a company told about their experiences. Like a simple test against the popular malware lists. I remain doubtful until then. Find it hard to outrun free choices as well - or somewhat free depending on definition. I do not understand why OpenDNS does not make it possible for private users to pay for this. They have the name/reputation, great control panel/interface, but nope. I can see a market towards those who use it for parental control or part of.

 

Interesting idea. I never tried those DNS level filtering services because I believe more in HOSTS files with adblockers like Proxo or Ad Muncher. But after reading all's experiences in this thread, I now want to give it a try.

Did you input your primary and secondary in your router or in windows (any advantage?) ? Gibson's DNS bench tells me this speed order here: ISP, Norton and ClearCloud. But, as you said, speed is probably not the main criteria to evaluate this kind of service, but reliability is important to me, by any ways.

If I use my router, it allows me to enter 3 DNS servers, so I should put my ISP's third, and experiment with them.

 

If you put in your router, all computers connecting to it will get the same DNS protection. If you put it in windows, only that system will get the DNS protection.

 

In regards to the argument that arose between moonblood and Mr.PC, it's really a matter of how you view things. 1st and foremost, one must realize that the hosts file was never initially intended for malware sites or ad blocking. It has a different purpose. The XP Myths article is right when it explained it as such:

No doubts people are taking advantage of the feature for those purposes it was not meant to be in the 1st place. Whether or not this is justified is very much debatable. Using the hosts file to block malware sites may be an option or 'additional layer' for some users - no one is arguing against that. One is only questioning it's efficiency in comparison to other alternative methods.

The 1st statement in the above quote applies to those running as Admin and who do not use any means to reduce the rights of the browser.

I'll try to explain...

During the time that article was written (a few years back), many Windows users were running as Admin (default case in XP). The main target was those running their browsers with Admin rights. As such, the hosts file maintained that time contained mostly malware links that would have been prevented by running under LUA itself. This of course excludes those malware executing to user-space (I'll just call it "LUA malware")...which isn't as many in comparison to "Admin malware".

As for the "irrelevant" statement:

Consider this - what is the possibility, the % rate of the hosts file having include a known site that distributes "LUA malware"? Remember - malware authors change their distribution links /domains often enough and it takes time to keep track of such links. Furthermore, what is the % rate a person would come across such a link (LUA malware) after updating his hosts file; not before it was black-listed(therefore being protected against it)?

All-in-all, the chances are quite slim/low and hence the term 'irrelevant' is justified in this case. "Irrelevant" in this context doesn't equate to being entirely useless...

Take note: I'm only taking into account the threat landscape a few years back, not how it is today.

No one said otherwise either....

Look at it closely:

The author didn't argue against those using it to block advertisements.

The author specifically stated that the myth is "Windows XP Firewall isn't good enough". That's the myth. To him, Windows XP firewall is good enough in terms of inbound protection.

He never said that "outbound filtering is a myth". To be more precise, he stated:

They keyword lies in "about". There are myths about outbound filtering in his opinion but he didn't state that outbound filtering is a myth on it's own. That's 2 different things we're talking about here. He has explained the reasoning for his opinion/thoughts there - whether or not anyone agrees with it is an entire topic altogether that can be discussed elsewhere.

The only reason he suggested ZA for "Advanced users" is this:

"Advanced users" refers to those who seek outbound filtering for whatever reasons (which doesn't necessarily include malware)

I agree with moonblood on this one. I see this as a flawed statement too.

True and spot on.

But you can map a domain to a specific IP address apart from the 127.0.0.1. For e.g. a person may want to map bing.com to Google's IP instead.

Additional info: There's also a debate as to whether one should use 127.0.0.1 (localhost loopback address) or 0.0.0.0 or even 0 (invalid address).

Some people claim that using the latter helps to reduce the size of the hosts file and speeds up the browsing speed as the system/browser immediately rejects the endpoint rather than to wait for a timeout.

See these links:
http://www.dslreports.com/forum/r16796956-
http://it.slashdot.org/comments.pl?sid=1743902&cid=33147664

0.0.0.0 is also recommended if you're running web server software.

Source: MVPS Hosts file FAQ

To be fair, the 127.0.0.1 'camp' brings out their point of view that it brings no difference to browsing speed and may cause errors if you're using eDexter:

http://www.dslreports.com/forum/r16793890-
http://www.calendarofupdates.com/updates/index.php?showtopic=4356 (look up in Google cache)

Source: MVPS Hosts file FAQ

The choice lies within your hands. Same goes for disabling the DNS client service.

Some are untrue...but not many are outdated. In fact, many of those myths still apply for Win7. But I do agree in regards to the Win7 defrag and firewall, both are improved compared to how they were in XP.

You're misreading things. The author stated otherwise...iotw, he has a similar stand as yours. Both of you are on the same team lol.

 

1) Editors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine.

2) "Those who promote using the Hosts file to block bad sites and advertisements say that
you can disable the DNS Client and never notice it.
However, it is that service's job to keep a cache of recent name lookups.
If that service is not available, then the computer must send a name lookup to
the DNS server for every domain name that it encounters; that can be quite a few on a single web page.
If every computer had the DNS Client disabled, I suspect the DNS servers
would be overwhelmed and slow things down quite a bit." Source

As you showed, safeguy,
some guys cannot understand plain English and misconceive basic principles.
And it is Not only that...

 

Giving Comodo DNS a try after reading some of this thread

 

Still it looks impossible for me to use or even try this kind of services coz I could not figure it out how to save the recommended DNS service numbers on my pc. Everytime I restart all those numbers are gone. Mabe my pc was configured in a different way.

But, anyway I can still manage to surf without those DNS services.. (is it really compulsory?) ...I could just rely on WOT and other security privacy addons on my Firefox browser like antisocial, auto proxy, beefree, betterprivacy, csfire, no fb tracking, search engine security, etc...(did I miss something? pls add yours... ) ..and using proxies like TOR and of course a reliable antivirus and HIPS with firewall program. Even my NOD32 have blocked several websites that suppose to be having some thing that could harm my pc. And even if it didn't blocked some good looking sites, I could not download some programs in some of this sites coz NOD32 is terminating its connection coz it detected that it has some malicious content in it. Well, maybe it's also reliable and probably could be even more better than DNS services but this could be just be my own opinion.