SafeOnline notifies when Hosts File "blocks" website...

Discussion in 'Prevx Releases' started by EscapeVelocity, Apr 25, 2010.

Thread Status:
Not open for further replies.
  1. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Just as a for your information.

    I have MVPS and other hosts files.

    I guess this is to alert to possible Hostsfile manipulation?

    Also Winpatrol notifies when the Hosts File has been changed....like when updating Hosts Files.
     
  2. EscapeVelocity

    EscapeVelocity Registered Member

    Joined:
    Apr 1, 2010
    Posts:
    368
    Does SafeOnline use a blocklist?
     
  3. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    SafeOnline will warn if it detects user browsing being redirected via the hosts file, which could potentially trigger a warning from the MVPS host file depending on where you browse to. If you are browsing to a legitimate website, you can click "Allow" in the dialog which will add the domain to the trusted list.

    SafeOnline uses a blacklist and a wide set of heuristic rules to help identify malicious websites before the user visits them :)
     
  5. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    465
    Location:
    UK
    Mmmm, unfortunately, the logic is not right though. The three options offered are:

    (1) Close
    (2) Fix
    (3) Ignore

    (1) Close shuts down the browser. :thumb:

    (2) Fix deletes the entry from the hosts file and presumably visits the site with the IP address given by the DNS. (I don't know what happens if the host file is read only though). :thumb:

    (3) Ignore "Allows" you to override the protection, visit the website, and add it to the list of sites (like an overide list). But there's no point in doing this if the IP address is 127.0.0.1. In fact it removes one layer of protection if the website is also on SafeOnline's blacklist. :thumbd:

    What SafeOnline should do is have a "Keep blocked" option instead of an Ignore option when the IP address is 127.0.0.1. This has been suggested in the future changes thread too.

    if IP == 127.0.0.1
    Keep blocked button offered
    else
    Ignore button offered

    Its just a small point, but I think it would improve usability a lot for those who use the hosts file to block websites.
     
    Last edited: Apr 27, 2010
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I agree - I'll see what we can do to have this added into the next release, if not the immediate next one, a release in the near future at least :)

    Thanks for the suggestion :thumb:
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Nice, I would like it too :)
     
Thread Status:
Not open for further replies.