Author Topic: Tweak DNS for faster access in XP.  (Read 48043 times)

0 Members and 1 Guest are viewing this topic.

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #15 on: October 21, 2005, 12:33:59 AM »
Quote
But without a hosts file you can go to evilsite.com and download and install vicioustrojan.exe. With the hosts file, you will not even get to the site. And of course, the site will probably be called lovelyfreedownloads.com and the file will be called wonderfulfreeaplication.exe.
You can get this from visiting a website? Show me the link that allows this to autoinstall. That is what you want to stop. Autoinstalling Spyware.

Quote
If you download and install an adware, spyware or Trojan program, you will get infected, even with a spick-and-span-bright-as-a-new-pin OS.
You can always get infected with an application you download. This is impossible to block. Using a Hosts file to try and stop this is like spitting in the wind. Any spyware maker with half a brain will just register new IPs. There is nothing you can do about it. Any sort of security you think you have from this is completely false.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Tweak DNS for faster access in XP.
« Reply #16 on: October 21, 2005, 12:48:57 AM »
I'm not talking about autoinstall, I'm talking about a manual install, as in downloading a crack or a smiley-maker or a MSN add-on.

Quote
This is impossible to block. Using a Hosts file to try and stop this is like spitting in the wind. Any spyware maker with half a brain will just register new IPs. There is nothing you can do about it. Any sort of security you think you have from this is completely false.

Maybe. You can say this about AV's too.

Most of my sense of security comes from a good firewall, and an up-to-date system. I don't like to download anything except from sources I know and trust.

But the hosts file does block ads well.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #17 on: October 21, 2005, 01:01:06 AM »
You can say the exact same thing about viruses, which is why antivirus companies detect the virus signature and not the source it was distributed from.

And if you want to block ads there are much better ways to do it.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Tweak DNS for faster access in XP.
« Reply #18 on: October 21, 2005, 01:12:18 AM »
It works for me. ;)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #19 on: October 21, 2005, 01:19:09 AM »
Do you have DNS caching turned off?

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Tweak DNS for faster access in XP.
« Reply #20 on: October 21, 2005, 02:09:14 AM »
Additions of 'bad' sites to the hosts file is useful a) for blocking ads and b) for blocking sites which carry malware, thus alerting you to the fact that it's probably not a good idea to download a program from that site, or even visit it (if you could) if you browser and OS are not completely bang up to date. Without the hosts entry you could visit that site and download the adware or spyware program even with SP2 and the latest updates.
PeerGuardian won't do the same work?
Does anybody know how can I translate the www addresses from HostManager into IP addresses of PeerGuardian?
I mean, not one by one, but by a batch process.

For some reason Spybot detects some entries as malware redirections, when in fact the 'bad' address is being redirected to 127.0.0.1, not a 'good' address to a 'bad' one: seems to be some CoolWebSearch entries that it picks up.
That's the worst part of HostMan... you have to make a blacklist, unlock Hosts, etc. etc.
The best things in life are free.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Tweak DNS for faster access in XP.
« Reply #21 on: October 21, 2005, 02:15:11 AM »
Do you have DNS caching turned off?
Is it good to do so? Just disable Windows service?
The best things in life are free.

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #22 on: October 21, 2005, 02:29:15 AM »
No it is not a good idea to do so which is why I asked, most people pushing hosts files recommend turning it off.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Tweak DNS for faster access in XP.
« Reply #23 on: October 21, 2005, 02:37:36 AM »
Most people pushing hosts files recommend turning it off.
Why? Just to avoid conflicts?
The best things in life are free.

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #24 on: October 21, 2005, 03:20:34 AM »
Performance reasons: MVPS Hosts

Quote
Editors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine. This only occurs in W2000 and XP. Windows 98 and ME are not affected.
They then go on to recommend disabling the DNS Client, which is NOT recommended.

KB318803
Quote
Note The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated.

The DNS Client service optimizes the performance of DNS name resolution by storing previously resolved names in memory. If the DNS Client service is turned off, the computer can still resolve DNS names by using the network's DNS servers.
Disabling the client puts an unnecessary load on the network's DNS servers and reduces Internet performance. The only negative thing that can happen with DNS caching is when it stores unresolved addresses which can be fixed by using TCP/IP Optimizer.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67195
Re: Tweak DNS for faster access in XP.
« Reply #25 on: October 21, 2005, 01:35:30 PM »
Performance reasons
Thanks for all info.

Which can be fixed by using TCP/IP Optimizer.
I'll give it a try but seems it does the same as run "C:\Windows\system32\ipconfig.exe /flushdns"
The best things in life are free.

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #26 on: October 21, 2005, 01:55:52 PM »
Quote
I'll give it a try but seems it does the same as run "C:\Windows\system32\ipconfig.exe /flushdns"
No it is not the same. TCPIP Optimizer disables DNS caching from storing any unresolved DNS queries via registry entries. So you never have to flush it.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Tweak DNS for faster access in XP.
« Reply #27 on: October 21, 2005, 02:35:53 PM »
TCP/IP Optimizer is something like a CURE, and FlushDNS is just a temporary relief medication...  ;D
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s

Mastertech

  • Guest
Re: Tweak DNS for faster access in XP.
« Reply #28 on: October 21, 2005, 02:47:48 PM »
Exactly,

DNS Error Caching

Quote
Windows has built-in DNS (Domain Name System) caching, which basically caches resolved hostnames for faster access and fewer DNS lookups. This is generally a great feature, with the only downside that failed DNS lookups get cached by default as well... When a DNS lookup fails (due to temporary DNS problems), Windows still caches the unsuccessful DNS query, and in turn fails to connect to a host regardless of the fact that the DNS server might be able to handle your lookup seconds later. One can manually flush failed DNS lookups by typing ipconfig /flushdns in Command prompt... Or you can simply set the 3 values in the Optimizer to "0", and it will set the relevant Registry settings.

Note:  Seems Microsoft changed the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\NegativeCacheTime Registry entry in Windows 2000to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl in Windows XP and 2003 server. We have updated this in the 2.02 version of the program.
Simply run TCP/IP Optimizer once and you will never have any failed lookups stored in the DNS cache again.

Offline szc

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6927
Re: Tweak DNS for faster access in XP.
« Reply #29 on: October 21, 2005, 03:04:58 PM »
Mastertech my friend... another question tightly related to this topic...

We all know that tcpip.sys is a system file, and Windows protection feature will always alarm when we try to apply TCP/IP Slowdown fix... that's fine and that's how it suppose to be... we just need to ignore it and that's all.

But... but what if some huge Windows patch or updates are applied after TCP/IP slowdown fix is already applied ? Will Windows update replace tcpip.sys with the original (unpatched) one ?

I'm asking because I know that when you do similar things with some system files that holds icons inside themselves, they will be replaced immediatelly after some update is downloaded and installed. I actually never saw that, but I've read some lines on some newsgroups, and people were trying to replace original XP icons with Vista icons using some system file replacer-patcher or something...

Regards !
MB: GIGABYTE GA-Z77X-UD3H Intel 7 Series  - LGA1155, CPU: Intel Core i5-3570K - Quad Core, 3.40GHz (3.80GHz Max Turbo), CPU COOLER: Cooler Master Hyper 212 EVO Direct Heat Pipe R2, RAM: 16 GB Kingston HyperX Blu DDR3, VIDEO CARD: Galaxy GeForce GTX 560 Ti - 1GB, GDDR5, POWER SUPPLY: Corsair Enthusiast Series TX750 V2 - 750 Watts, HD: Seagate Barracuda - 2TB, 7200RPM, 64MB, SATA 6Gb/s