Results 1 to 11 of 11
  1. #1
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Blocking spyware with a HOSTS file

    I've just come across the website A TroubleShooting Guide to Windows XP which contains a useful trick entitled Blocking unwanted spyware and parasites with a HOSTS file (which is relevant to this forum)!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    2 Star Lounger
    Join Date
    Feb 2001
    Location
    Brussels, Brussel, Belgium
    Posts
    159
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Blocking spyware with a HOSTS file

    great tip. i combine mvps's host file with hpguru's one. i look for updates on security sofware (including several hosts list definitions) at the calendar of security updates

  4. #3
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Blocking spyware with a HOSTS file

    Pieter

    Golly! About 4,800 addresses from my reference, and about 26,000 from yours! That's a lot to be looked up each time by IE!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  5. #4
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    20,381
    Thanks
    1
    Thanked 595 Times in 532 Posts

    Re: Blocking spyware with a HOSTS file

    John,

    Once you start using a HOSTS file you have the challenge of keeping all the addresses correct.

    Joe

  6. #5
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Blocking spyware with a HOSTS file

    Joe

    That's just the usual maintenance you need with any application, surely, though 30,000 entries is certainly non-trivial! I feel a BATch file coming on, to sort and deduplicate lists. Alternatively, some way of making such a list specific to the things you look at might be a better idea...

    What a pity there couldn't be a generalised entry saying "no spyware, popups or anything nasty"!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  7. #6
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Melbourne, Victoria, Australia
    Posts
    5,016
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Blocking spyware with a HOSTS file

    John

    Just FYI, I was involved with assessing the performance implications of the Hosts file quite a few years back, before it was being used to any extent to block DNS addresses by looping back to localhost. This was on Win98. We were comparing performance against JunkBuster, which has been around for a long time, as you see on the site. To our surprise, it appeared that the Hosts file was (re)loaded into memory each and every time it was accessed i.e. with each DNS lookup! Worse still, the whole file is searched sequentially, top to bottom, for a match. Needless to say, JunkBuster came up on top for efficiency - it stays resident, uses wildcards/ pattern matching rather than single entries, and uses fast/ smart searching.

    I don't know if Hosts operation has changed (as I said, in those days it was only designed to hold a handful of entries) or whether the performance hit is noticable on today's more powerful machines. All said & done though, have you considered using something like Proxomitron? It's JunkBuster + Hosts + a whole lot more.

    Alan

  8. #7
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Blocking spyware with a HOSTS file

    Alan

    Interesting that you've actually done some work on the subject, rather than my guesswork! I am asking my XP networking guru about the vagaries of the HOST file loading, and, given sufficient enthusiasm, I may get round to using SysInternal's FILEMON to determine the loading (but not the sequential reading) characteristics.

    Proximitron looks interesting, but (as is not uncommon), it is difficult to get into because the information given assumes you know all about it already! It ought to be compulsory for software authors to provide a one-paragraph explanation of what problem the program was written to solve, and how it solves it! Also, it seems to me that a) development has ceased by the author, and it hasn't been taken over by someone else, and [img]/forums/images/smilies/cool.gif[/img] he seems to have written some of the documentation while on mind-altering substances!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  9. #8
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Melbourne, Victoria, Australia
    Posts
    5,016
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Blocking spyware with a HOSTS file

    Well, taking up those points with the author isn't possible because, sadly, he died aged 36 on 1st May 2004. The best short description I can concoct is that it's a local proxy that sits between your browser and the big, bad internet - a link in the chain if you like, between browser and ISP.

    As such, it has the potential to vet everything that reaches your browser, or is sent from it, via http or https protocols. The potential here is wide-ranging, but the most easily understood application is its ability to actually rewrite the web pages that reach your browser, in such a way as to remove unwanted content within the HTML. For instance, things like browser window resizing commands, popups, popunders, banners can be removed from the HTML code. This makes for faster browsing (removed content is never downloaded), filtered to the desire of the user. For a better sampling of what just this one feature can do, have a look at Hitch-Hikers Guide to the Default Web Filters.

    It's possibilities are complex and wide-ranging, but it works very nicely "straight out of the box". Trying to compare its native ad-blocking ability directly with the hosts file, I can see a few dozen entries in Prox, that use its own regular expression language, compared to how ever many thousand were quoted for the hosts file. And I can't recall Prox letting through any that hosts would have blocked.

    Alan

  10. #9
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Blocking spyware with a HOSTS file

    Alan

    You may have got me sufficiently enthused to try it!

    What we probably need to establish is how many, if any, of the anti-***-ware programs will be rendered redundant by the upcoming XP SP2? The answer should be <big>all of them</big>, of course -- but I'm placing no bets on it...

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  11. #10
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Blocking spyware with a HOSTS file

    John,

    "if any" would be the good odds, NONE would be the best odds. Don't hold your breath waiting for SP2 to be the cure all. <img src=/S/hailpraise.gif border=0 alt=hailpraise width=27 height=22>
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  12. #11
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Melbourne, Victoria, Australia
    Posts
    5,016
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Blocking spyware with a HOSTS file

    It's actually dead easy to give it a whirl. It just resides in its own folder (no "installing" as such) and, despite the inadequacy of the help files, there are really only two other things to do:

    1. Be sure to set up IE so that it "talks" through Proxomitron, by following the instructions in the "Installation and Eradication" section. Use two browser windows for this - one for reading the instructions, one for fiddling the settings. At the heart of it, you should end up with Proxy Settings as shown below.

    2. Ensure that Prox is running when your browser is in use. Easiest to make a startup shortcut, so that it runs in the tray all the time (uses 360KB memory on my machine).

    That's it. I'd suggest just using it "as is" at first, comparing "annoying" sites you know with & without the filters turned on. This should give you the idea. As I said, there's a lot in it and it's probably best to pick it up bit by bit if you feel inclined to customize. For instance, after some learning I wrote a filter to insert the date, title and hyperlinked URL at the top or bottom of web pages. I sometimes turn this on when I want to save a page, so that I have its details embedded. The list goes on.

    Hope you like it.

    Alan

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •