The HOSTS File/IP Blocker Project

Discussion in 'other security issues & news' started by MakoFusion, Mar 16, 2005.

Thread Status:
Not open for further replies.
  1. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    UnOFFICIAL HOSTS File/IP Block Project!​
    The HOSTS file tutorial is ready!​

    Greetings,

    In short > idea presented > posting here
    https://www.wilderssecurity.com/showthread.php?t=69643
    ::wimper wimper:: :'(
    Dog never reply ... :(
    Me start project! :)
    Get secure! :D

    The Problem!
    Site A has HOSTS file 'blah', site B has HOSTS file 'bleh', and site C has HOSTS file 'urggg'!
    Some have entries others don't and yet due to "legal issues"
    ::raises both hands with index and middle fingers along with a mimicking voice::​
    nobody can distribute such a file combined. Everyone has to "play fair" and "not step on anybody's toes" while dancing to this ridiculous ballet.
    Thats BS!
    YOU have a right to block any site YOU wish!
    YOU have a right to control what should not come onto YOUR computer!
    YOU have a right to a layer of protection in the form of a HOSTS file!

    The Half-baked Solution!
    I provide the information and the methods used, but I'm afraid that I have to leave it to you to merge together such a super HOSTS file. This is not for the beginner who has no experience with HOSTS files! This is for the more experienced posters who know how to diagnose a HOSTS file to remove entries if they want a site to work right! If you are new to HOSTS files I recommend number 2, 8, OR 10 on the list with highest reguards to 8. HPGuru's HOSTS file has reputation and its own forum.

    Before anyone new to a HOSTS file does anything please read the following!

    WARNING: Read this before attempting to play around with HOSTS file.
    Your computer will CRAWL or FREEZE
    if you are on
    Windows 2000/XP later on if you DON'T do this!

    Start > Run > ::type:: services.msc > ::press:: [Enter]
    DNS Client ::doubleclick it::
    General tab > Startup type = "manual" or "disable"
    ::click:: Stop
    ::click:: OK
    REBOOT!
    [NO automatic][Disable YES]
    [NO automatic][Disable YES]
    [NO automatic][Disable YES]


    Getting Started! [Programs needed!]
    WinZip OR WinRar
    SpyBot Search + Destroy
    Hostess
    HostsMan
    +*SuperTrickXG

    +Hold off on installing this program for now...
    *ads OR ads+pr0n

    The HOSTS File Listings!
    1. http://www.bluetack.co.uk/forums/index.php?showtopic=8406
      (Zip file)[Unzip to HOSTS folder][Rename 'Alpha']
      [Deleate original zip file before moving on]
    2. http://www.mvps.org/winhelp2002/hosts.htm
      (Zip OR .txt file)[Unzip to HOSTS folder][Rename 'Beta']
      [Deleate original zip file before moving on]
    3. http://pgl.yoyo.org/adservers/serverlist.php?showintro=0&hostformat=hosts
      (.html page)[Select all text and control+c]|[control+v to notepad][Save as 'Charlie' in HOSTS folder]
    4. http://www.accs-net.com/hosts/get_hosts.html
      (Zip file)[Unzip to HOSTS folder][Rename 'Delta']
      [Deleate original zip file before moving on]
    5. http://www.accs-net.com/hosts/Downloads/Hosts.zip
      (Zip file)[Unzip to HOSTS folder][Rename 'Echo']
      [Deleate original zip file before moving on]
    6. http://someonewhocares.org/hosts/
      (.html page)[Select left of first #, left click and HOLD!, and drag down to last #][highlighted? then control+c]|[control+v to notepad][Save as 'Foxtrot' in HOSTS folder]
    7. http://www.ecst.csuchico.edu/~atman/spam/adblock.shtml
      (.html page)[Find list with '127.0.0.1 server name' repeated line by line on left][highlighted? then control+c]|[control+v to notepad][Save as 'Golf' in HOSTS folder]
    8. http://www.hosts-file.net/pafiledb/pafiledb.php?action=file&id=1
      (Zip file)[Unzip to HOSTS folder][Rename 'Hotel']
      [Deleate original zip file before moving on]
    9. http://cmd.bin..www.beemerworld.com/tips/hosts.txt
      (.txt file)[Select all text and control+c]|[control+v to notepad][Save as 'India' in HOSTS folder]
    10. http://hostsfile.mine.nu/Hosts.zip
      (Zip file)[Unzip to HOSTS folder][Rename 'Juliet']
      [Deleate original zip file before moving on]
    11. *http://hostsfile.mine.nu/Hosts.porn.zip
      (Zip file)[Unzip to HOSTS folder][Rename 'KiloPr0n']
      [Deleate original zip file before moving on]
    *pr0n
    ^program install (not just a list)

    Get Those Listings!
    Create new folder on desktop and label it 'HOSTS'
    Install SpyBot
    Install HostsMan
    Install Hostess
    Download the various listings provided and label em as shown above!
    Go to list with instructions in between the lines!

    [Have you downloaded all the listings you need yet?]
    [Are you NOT renaming files and suddenly forget which ones you have?]
    ::SMACK!::
    [Do it right! One at a time >
    Unzip file to folder, rename as shown, deleate zip file
    BEFORE
    moving on to next HOSTS on the list
    ...least you overwrite ones you already have!]


    So far a complete list includes Alpha through KiloPr0n

    Open HostsMan
    [Is that H circle icon green?][Click it once][Is that H circle icon red? GOOD!]
    We have disabled the HOSTS file and will start fresh!
    Close HostsMan
    Now we can begin!

    Combining/Merging The Listings
    Install SuperTrickXG (The list within this program includes the following)
    [Base HOSTS file][Ad servers][Counters][Usless sites][Pr0n Sites]
    When finished open HostsMan
    [Is that H circle icon green again? Alright!]
    Tools > Count entries in Host

    If you already have Hostess then...
    Deleate Groups.cdx, groups.dbf, hosts.cdx, and hosts.dbf in Hostess folder or wherever Hostess.exe is!

    Open Hostess with settings...
    Eh whats this? A popup should ask...
    "Your hosts database is empty. Would you like to import your existing hosts file?"
    ::click:: [YES]
    (Create new groups as needed/Do not change the currently assigned group)
    ::click:: [Import]

    Alpha, Beta, Charlie Imports!
    File to import (folder icon on right)
    Import Alpha
    Import Beta
    Import Charlie
    etc.
    After importing all desired lists
    ::click:: [Close]
    ::click:: [Red 'G' Button on left]
    ::click:: [Cleanup]
    ::click:: [Sort]
    The next click can take up memory so be warned! If you do not have enough the program Hostess could freeze up since its taking so many listings in memory and rearranging them!
    ::click:: [Save]
    File > Export > Locate desired place to save and name it 'LimeFAT'
    ::click:: [Export!]
    Exit Hostess!
    Copy LimeGold to another location so you have a backup thus far!
    Name the backup simply HOSTS with no extension.
    Place HOSTS in the folder it needs to go replacing the current one!

    Removing duplicates and compacting
    WARNING: Do not use both Hostess + HostsMan to remove duplicate entries!
    Edit: During the course of this type I found that if I take LimeFAT and imported it into Hostess it would find duplicates. After saving that file I imported the file AGAIN into Hostess and it would find MORE duplicates. In the end I found out it was keeping almost the same number of 'new hosts' and not really taking these entries out! On top of that it was removing groups one at a time! Before I had recommended Hostess to remove duplicates because it has been out longer.... NO MORE! We are going to go with HostsMan because when you rescan for duplicates the second time it does not find more in the updated file.

    Start Spybot Search + Destroy
    Mode > Advanced mode
    Tools tab
    ::check box:: Hosts file
    ::click:: Host file
    ::click:: Add Spybot S+D hosts list
    Exit SSD
    SSD WILL make the current HOSTS file README only which means you cannot edit it again until you change it back!

    Open HostsMan
    ::click:: [Yellow padlock icon]
    Until it says 'unlocked' on the bottem right of the window!
    Tools > Find duplicates
    ::click:: [Deleate all]
    We shall dub this updated version of the HOSTS file 'MangoTHIN' so make a backup of your current HOSTS file in use. Rename the copy 'MangoTHIN' and place in your HOSTS folder so you have a backup! Keep the current HOSTS file active though...

    At this point in time we have
    [SuperTrickXG]+[Alpha through LimaPr0n]+[SSD entries]-[Duplicate Entries]=[MangoTHIN]

    Open HiJack This
    ::click:: scan
    Check any entries that appear such as this...
    xx - Hosts: xxx.xxx.xxx.xxx servername
    (where xx denotes a number like 01 and xxx.xxx.xxx.xxx denotes a number OTHER than 127.0.0.1)
    ::click:: Fix checked
    Close HiJack This

    Securing and backing up
    Back to HostsMan
    Tools > Check HOSTS for errors
    Once errors are removed then...
    ::click:: [Yellow padlock icon]
    Until it says 'LOCKED' on the bottem right of the window!
    Make a backup of this current HOSTS file and name it 'NeverwinterGOLD' for we have the final desired result! =)

    Check entries for a final count with HostsMan!
    Post results in this thread!

    How did you do? I usually go the whole nine yard so here are my results!

    March 17, 2005 runthrough results!
    After SupertrickXG install count with HostsMan
    [80,172 entries]
    Importing SupertrickXG HOSTS file to Hostess
    [80,167 new hosts][5 duplicate hosts][20 new groups]
    Cleanup after importing Alpha through KiloPr0n
    [306 unused groups removed]
    After exporting SupertrickXG HOSTS merged with Alpha through KiloPr0n
    [4.04 MB]
    Stats on LimeFAT with HostsMan BEFORE SSD
    [137,046 hosts total][25,725 duplicates][84 groups]
    Stats on LimeFAT with HostsMan AFTER SSD
    [137,247 hosts total][25,726 duplicates][84 groups]
    Stats on MangoTHIN with HostsMan
    [111,521 hosts total][0 duplicates](84 groups)
    HiJack this shows that MangoTHIN has these entries other than 127.0.0.1
    [8 entries found]
    Final stats on NeverwinterGOLD with HostsMan
    [111,519 hosts total][0 duplicates](84 groups)(3,367 KB)

    Other Stats
    Ad-aware will find 1 critical entry in NeverwinterGOLD
    *SSD will find 25 common hijackers in this NeverwinterGOLD
    Please refer to these threads for more detail...
    https://www.wilderssecurity.com/showthread.php?t=71171
    http://www.hosts-file.net/phpbb2/viewtopic.php?p=438#438

    *Most of these are from HPGuru's HOSTS file and for possably good reason! Please refer to this site...
    http://www.spywarewarrior.com/rogue_anti-spyware.htm
    under the section Rogue/Suspect Anti-Spyware Products and you will find many of these entries there. SOME of the entries are under Legitimate/Licensed Clones and some are not listed on this site. Yes the HOSTS file is setup so you cannot access these sites and if you remove them with Spybot you can access them again. When more people block the site because of the HOSTS file it can decrease revenues because people simply are not getting to the link these companies want you to get to. If HPGuru put it in his HOSTS file there must be a reason why! However here is the other side of the coin... Spybot Search & Destroy wants the user to remove such blockage of these sites. As these products are spyware scanners one of two things has problably occured...
    1. Spybot does not want people blocking their site with a HOSTS file so naturally they try to cover their butts by ensuring other spyware program sites are not blocked.
    2. Legal action of some sort has forced Spybot into this position but that is unlikely... Spybot seems to have gone out of their way to add these signatures to check and see if these sites are in your HOSTS file. A bad move on their part since some of these seem to be shady sites and really should be blocked. If you or I wish to block it so be it! That is our choice and does not constitute legit spyware removal. (In fact we may be avoiding spyware by blocking out rogue spyware sites.) Now they most likely feel pressured if they remove such scan signatures where everyone wonders why they put them in to start with. Is SSD a program I use for other spyware removal and keeping my system clean? Yes it is! I would not go ditching it because of this but I do think they need to get their act together. I have noticed the common hijacker thing for a while now when I run SSD! Why has this NOT been fixed yet Spybot?

    Final Notes
    -Verifying the HOSTS file is another matter and may or may not be addressed depending on a solution someone else or I can find for it!
    -As with any layer of protection there are cases when the HOSTS file will NOT work!
    -Such a large HOSTS file will restrict access to features you may WANT! Off hand I know it prevents you from signing on AIM.
    -I cannot recommend the program mentioned in
    https://www.wilderssecurity.com/showpost.php?p=404056&postcount=9
    (For purpose of this project)
    for the update feature shatters ALL the hard work you have done on your HOSTS file and replaces entries with only the ones from
    http://www.mvps.org/winhelp2002/hosts.htm

    Please reply back with rating and ease of instructions... I know its alot of steps so attention to detail was critical!​

    Keywords for Search
    HOST, HOSTS, HostsMan, Hostess, HostsFile, Hostfile, DNS disable, DNS manual, DNS service, DNS services, PyBoticide Productions, Tutorial
    *This thread should appear as the first posting when doing a search for 'HOSTS' on this forum!
     
    Last edited: Mar 18, 2005
  2. dog

    dog Guest

    Hi Data, ;)

    It was that I didn't want to move forward with it, but there were/are significant legal issues with proceeding to release anything publicly. Which was why I was hoping it would quietly slip away, and didn't reply further.

    It's still a hobby for me though. ;)

    Steve
     
  3. MakoFusion

    MakoFusion Registered Member

    Joined:
    Jun 25, 2003
    Posts:
    130
    So I'm doing the next best thing.. showing members how they can merge HOSTS files but not giving them one! So nothing to release just sharing some knowledge that users will have to help themselves to.

    Exactly what kinda legal issues if we made our own HOSTS file?
     
    Last edited: Mar 17, 2005
  4. dog

    dog Guest

    Hi again MF, ;)

    Well, without getting too deep in it. I seek out advice from a knowledgeable friend in addition to my research regarding this venture, to make sure that I not only protected my butt, but also didn't put anyone else at risk.

    These are a few examples of issues that resulted from the research:

    1. By merging/compiling Hosts we aren't creating anything - Explicit permission would have to obtained from all the parties involved with no exception.

    2. Because of the definitive nature of Hosts files, targeted sites are impacted 100% because the user can not access the site at ALL. Where as things like IE-Spyad, Spyware Blaster only restrict the actions/abilities of the targeted sites. Requests from those vendors/sites listed will not only be likely, but may follow with legal action if they aren't de-listed on a Hosts file update.

    3. Is a combination of both 1 & 2. In regards to the borrowing contents of available lists, if the source de-lists a certain site, and our list isn't updated correspondingly, it may result in legal action against both us and the source, as a result of our actions/inactions.

    There really is so much involved in this, and these are only a few of the issues . These issues are also seriously complicated by involving others, and thats not to say that researching/developing/maintaining you own list wouldn't be without risk. There are rather grave consequences/ramifications either way ... but who would want to potentially put others at risk, and would those parties grant permission for the use of their list in light of this?

    So keep it as a hobby as I do. Now that you've provided others with the ability to do the same, everyone can happily make and maintain there own , for themselves by themselves.

    HTH, ;)

    Steve
     
  5. dog

    dog Guest

    Well, Spanner actually sharing the ideas etc. here would have an impact on Mike and Paul, as they would be providing the vehicle for us to exchange ideas etc., therefore they could be on the hook for damages too, if there was ever any legal action.

    To me - this is a definite NO-NO period! ;) Hey, if you want to do something, just don't involve Wilders', either do it privately in emails, or create your own webspace dedicated to it.

    Lets just end any such decussion here, and leave it at that. OK guys. ;) :)

    Regards;

    Steve
     
  6. gud4u

    gud4u Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    206
    I like MakoFusion's approach:
    - This is how you do it.
    - Here are the tools you need.

    There is a user-skill problem with simply offering a super Hosts file. Those WITHOUT the knowledge and skills of the above-posters have the opportunity to use a hosts file that is extremely restrictive - and won't know how to deal with the many site-restrictions they will encounter.

    For example, I'm using just the MVPS hosts file, and have had to remove a few of the ad-blocks just to gain access to the NY Times online opinion page. Not a problem, since I know how to diagnose it and determine what to remove from the block-list - but offering a super-compilation block-list to total newbies is similar to leaving a loaded gun on the street.
     
  7. dog

    dog Guest

    Just one final note:

    There are methods to submit/contribute suggestions to the various Hosts file projects ... they of course do have to be your findings. ;)

    If you do wish to submit something for consideration, you have to provide a summary of your reasoning for it's inclusion along with the domain/url.

    To see the process for making submissions, please read the authors homepage.

    Just a few examples:

    HpGuru uses a Forum for suggestions - http://www.hosts-file.net/phpbb2/
    MVPS - requires an email to the webmaster - winhelp2002 at comcast com net

    Steve

    PS. MF one other tool you may like to add to your list would be HOSTS File Manger Version 1.0.1.2 from MVPS - http://www.mvps.org/PracticallyNerded/SoftMain.htm
     
  8. feddup

    feddup Registered Member

    Joined:
    Oct 30, 2004
    Posts:
    160
    Thank you very much for your effort. Some of us newer security devotees need step by step instruction. The attension to detail and many options are appreciatted. I'd worried that the wilders hosts project had withered and died. So far hosts seem to me to give the greatest protection for the least resources, monetary and system. Thanks for the guide.
     
    Last edited: Mar 17, 2005
  9. dog

    dog Guest

    Another ~little~ update ;)

    HpGuru posted this in another thread if anyone who is interested in this thread, and has the qualifications :)
    Link to the Original post by HpGuru

    Link to whole Thread
     
  10. Ronin

    Ronin Guest

    Another problem is that someone said to allow all "Senior members" to contribute entires to the hosts file. With all due respect to this forum, there are many major senior members who just don't have the skills or knowledge to be trusted with such decisions.
     
Loading...
Thread Status:
Not open for further replies.