1. How do you protect your host file?
2. Do you use MVPS hosts file?
Asyn: Where in your signature is the host protection software/programme?
But you have no specific programme or software dedicated to protecting the host file?
Thank you all again for the useful tips.
I also downloaded MVPS and copied it manually to the host file. PC seems to run fine with it.
@Asyn: I currently subscribe to EasyList. I will have a look at Malware Domains. Nice one.
Subscribed to it. Have to see whether there is a noticeable slowdown in web speed.
No need for the MSVP host file with IE9, just set host file to read only - job done with no extraneous junk
No need for the MSVP host file with IE9, just set host file to read only - job done with no extraneous junk
No need for the MSVP host file at all, imo.
No need for the MSVP host file with IE9, just set host file to read only - job done with no extraneous junk
No need for the MSVP host file at all, imo.
Yeah i agree with Asyn, just use Adblock Plus(for you FF users) with EasyList and Malware Domains lists. Personally i also subscribe to EasyPrivacy list.
Did not see anyone else mention this, i guess no one uses this but i have been using it for quite a while now and i am very satisfied with this service.
http://www.nortondns.com/
You've all gone OT, DNS service's and the easylist have nothing to do with the OP'S question, listen to essexboy's suggestion if on ie9.
You've all gone OT, DNS service's and the easylist have nothing to do with the OP'S question, listen to essexboy's suggestion if on ie9.
OP is on XP, therefore no IE9. ;)
Nah we are not off-topic, we simply suggested better alternatives than having a huge bloated hosts file. Especially on XP having such a large hosts file is a real killer of performance as the OP already found out on his own.It can cause a slowdown, but stopping the "DNS Client" service and setting it to Manual fixed that problem (for me). I don't need that service, and most people don't.
Use WinPatrol then and you wont get any slowdowns like MVPS does ;DYou've all gone OT, DNS service's and the easylist have nothing to do with the OP'S question, listen to essexboy's suggestion if on ie9.
OP is on XP, therefore no IE9. ;)
Nah we are not off-topic, we simply suggested better alternatives than having a huge bloated hosts file. Especially on XP having such a large hosts file is a real killer of performance as the OP already found out on his own.It can cause a slowdown, but stopping the "DNS Client" service and setting it to Manual fixed that problem (for me). I don't need that service, and most people don't.
As for going OT, I believe OP's original question was answered to his/her satisfaction. So what remains is to ramble on, chewing the fat so to speak. :)
Windows XP
Default Description
Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Additional Information
This service is not required for DNS lookups, but if it makes you happy to have it running, you may. If you attempt to "repair" your network connection and a dialog box complains that the "DNS resolver failed to flush the cache," this service is the reason. It is also needed if using IPSEC Services.
The reason why you’re unable to flush a Windows computer DNS cache is if the DNS Service is not running. Go to Start > Run and type services.msc. Double click the DNS Client to bring up DNS Client properties window. Make sure the startup type is set to Automatic and service status is Started. If not, just select the drop down menu, select Automatic and then click the Start button.
Performance reasons: MVPS Hosts (http://www.mvps.org/winhelp2002/hosts.htm)QuoteEditors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine. This only occurs in W2000 and XP. Windows 98 and ME are not affected.They then go on to recommend disabling the DNS Client, which is NOT recommended.
KB318803 (http://support.microsoft.com/default.aspx?scid=kb;en-us;318803)QuoteNote The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.Disabling the client puts an unnecessary load on the network's DNS servers and reduces Internet performance. The only negative thing that can happen with DNS caching is when it stores unresolved addresses which can be fixed by using TCP/IP Optimizer.
The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network's DNS servers.
Myth - "Special AntiSpyware Hosts Files are necessary to prevent Spyware infections."
Reality - "Using Special AntiSpyware Hosts Files are a waste of time and leads to a false sense of security. Any Malware/Spyware can easily modify the Hosts File at will, even if it is set to Read-only. It is impossible to "lock-down" a Hosts File unless you are running as a limited user which makes using it in this case irrelevant anyway. Various Malware/Spyware uses the Hosts File to redirect your Web Browser to other sites. They can also redirect Windows to use a Hosts File that has nothing to do with the one you keep updating. The Hosts file is an archaic part of networking setups that was originally meant to be used on a LAN and was the legacy way to look up Domain Names on the ARPANET. It tells a PC the fixed numeric address of the internal server(s) so the PC doesn't have to go looking for them through all possible addresses. It can save time when "discovering" a LAN. I don't consider 1970's ARPANET technology useful against modern Malware/Spyware. When cleaning Malware/Spyware from a PC, it is much easier to check a clean Hosts File then one filled with thousands of lines of addresses. Considering how easily a Hosts File can be exploited, redirected and potentially block good sites, it is strongly recommended NOT to waste time using Special Hosts Files."
- ARPANET - The First Internet (Living Internet)
- Domain Name System (DNS) History (Living Internet)
- How to troubleshoot Internet Explorer 7 issues (Microsoft)
- How to troubleshoot network connectivity problems in Internet Explorer (Microsoft)
- Problems Using Internet Explorer with Incorrect Hosts File (Microsoft)
127.0.0.1
"Special AntiSpyware Hosts Files attempt to associate a known safe, numeric address (127.0.0.1) with the names of sites or IP addresses you want to block. When the user or any process on the PC then tries to access a blocked site, it is instead directed to the safe location. It is simply impossible to update a Hosts file frequently enough since it is cheap and easy to purchase new domain names and move to new IP addresses. You also run into problems in accidentally blocking good sites since many sites share the same IP addresses with other sites using Shared IP Hosting. Also once a malicious site is shutdown, that IP Address then becomes free and can easily be acquired by another non-malicious site."
Large Hosts Files
"Large Hosts Files cause Internet related slowdowns due to DNS Client Server Caching. This negatively effects your browsing speed. AntiSpyware Hosts File authors irresponsibly recommend disabling the DNS Client Service to solve this problem. This is not a solution. The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated. This effectively reduces Internet Performance for sites you have previously visited and puts an unnecessary load on your ISP's DNS server."
- How to Disable Client-Side DNS Caching in Windows XP (Microsoft)
Notes - There is a much better solution for bad site blocking using SpywareBlaster which more intelligently use's Internet Explorer's built-in Zone Security settings and the registry. Mozilla/Firefox protection is also provided.
- Notes on DNS Pinning (David Ross, Microsoft Security Engineer)
- SpywareBlaster (Javacool Software)
Yeah OpenDNS is great, i've used it for years before i switched to ClearCloud(discontinued now) for added security and now more recently i switched to Norton DNS.
Norton DNS sure has come a long way, it's actually as fast or slightly faster for me than OpenDNS(wasn't always like that). It is also much more configurable than it used to be. ;)Here are a few screenshots: :)(http://www.shrani.si/t/E/de/4Yg8Ky9n/1.jpg) (http://www.shrani.si/?E/de/4Yg8Ky9n/1.png)
(http://www.shrani.si/t/3a/LL/1PQlUVKk/2.jpg) (http://www.shrani.si/?3a/LL/1PQlUVKk/2.png)
(http://www.shrani.si/t/1B/hK/2JDPrJFm/1/3.jpg) (http://www.shrani.si/?1B/hK/2JDPrJFm/1/3.png)
Thanks for the tips.
Can you lock down the host file in Shiternet Explorer 8?
IE8 also has the blacklist although not quite as comprehensive as IE9Is this referring to smartscreen filter, or some other function of IE?
Yep smart screen ;DThanks
@rdmaloyjr: So this would not do the trick ?
(http://www.shrani.si/f/3Z/nu/4XRMNJp8/1.png)
If you go to http://nortondns.com/ and in the right top corner you have the button sign in, click on it and register over there(it's free), then you can set all those content filtering options for your ip(assuming you've already set Norton's DNS servers in your router).
What's the difference between FamilyShield and OpenDNS Basic?
Choose FamilyShield if you're looking for a quick, no-fuss way to protect your children from adult content online for free. Choose OpenDNS Basic if you'd like a more customizable alternative — you can block or unblock lots of other types of sites, see reports on how your family uses your Internet connection, and more. OpenDNS Basic offers everything FamilyShield does, and it's also free, but it requires a few extra setup and customization steps.