Guide | How To Hardening your HOST file

[Deleted member 178]

Sometimes an antivirus suite is not enough, you may be redirected to infected sites, so you need to harden your HOST file.

There it is the HOST file (to be downloaded) and tutorial to "harden" it.

http://winhelp2002.mvps.org/hosts.htm

if you have already a custom HOST file, copy your lines in a text file before launching the batch. then past them in the updated HOST.

hope it can help you.

 

[bogdan]

You might also want to check HostMan. A small software tool that you can use to manage your HOSTS file, including subscribing to the MVP Hosts provided above and keeping your HOSTS file up to date.

 

[jamescv7]

Hphost is also another alternative for hardening the host file too.

 

[Deleted member 178]

hostman is very useful. thx

 

[moonshine]

I refused from hardening my HOSTS file since it blocks too much and slows me down, Adblock Plus and a Secure DNS would do fine for me.

 

[Vextor]

Meh, I'd just use ClearCloud and Norton DNS.

 

[HeffeD]

I refused from hardening my HOSTS file since it blocks too much and slows me down, Adblock Plus and a Secure DNS would do fine for me.

Yes. I'd actually recommend against filling up your HOSTS file...

A large HOSTS file can affect system performance because the HOSTS file is not indexed. The file must be read from the beginning of the file each time it needs to do a lookup. Depending on the system, this can be extremely detrimental to performance. If each new lookup needs to scan several MB's of data, you can see where the problem lies.

HOSTS file sites recommend disabling the DNScache service if you are experiencing performance issues. What they don't tell you is that by doing this, you've just killed your local resolver list. This means that each and every URL you visit now needs a DNS lookup instead of just unique URL lookups! :huh: This will of course slow down your browsing. Depending on the speed of your DNS service, this may not be very noticeable, but it is happening...

 

[Deleted member 178]

i see no visible slowdown actually (i have a laptop with 4gb Ram, a core2 duo P7350 2ghz 1066 mhz fsb, 3mb L2)

 

[bogdan]

HOSTS file sites recommend disabling the DNScache service if you are experiencing performance issues.

This recommendation makes no sense to me. The DNS Client service (DNS Cache) reads the HOSTS file when it starts up and thereafter whenever the DNS Client service notices that it has been modified by looking at the last modification timestamp. So the HOSTS file is actually cached by the DNS Client service. If you disable this service the HOSTS file is not cached and it has to be read and parsed repeatedly by every application that performs a DNS look-up (this is indeed a slow process).

 

[jelson]

HOSTS file sites recommend disabling the DNScache service if you are experiencing performance issues.

This recommendation makes no sense to me. The DNS Client service (DNS Cache) reads the HOSTS file when it starts up and thereafter whenever the DNS Client service notices that it has been modified by looking at the last modification timestamp. So the HOSTS file is actually cached by the DNS Client service. If you disable this service the HOSTS file is not cached and it has to be read and parsed repeatedly by every application that performs a DNS look-up (this is indeed a slow process).

I don't understand it either. But I believe that FAQ was written several years ago and systems now are considerably faster.

I've been using a MVP HOSTS file for several months and haven't disabled DSN Client. Haven't done any testing to really see what the performance hit acutally is, but I don't really notice anything (XP SP3 on Core2Duo 1.86 GHz with 1.5 GB DDR2).

I also read that disabling DNS caching will also prevent Network Discovery from working.

So far, I'm quite pleased with MVP HOSTS file (no pressing need to install AdBlock since it stops most annoying ads.) I've also looked at using
HpHOSTS file which is even more extensive, but it's HUGE in comparison:
3.8 MB (HpHOSTS) vs 0.62 MB (MVP HOSTS)

While attempting to understand the whole DNS Client issue, I also found some posts on WildersSecurity critiquing the use of HOSTS for protection against malware. (I forget all the reasons given but mainly remember that HOSTS files were orginally designed as a networking aid)

Anyway, I use HostsXpert to manage my HOSTS file but plan on trying HOSTMan and I also use Norton DNS for primary and secondary DNS servers with Google DNS in the tertiary slot in my router config.

 

[Dirk41]

Thanks Umbra for your guide.

I never tried the suggestion of this thread ( because I did not know about them and I don't know if they are all , hostman for examples, still compatible with W10) but unchecky adds some entries in host file too:
What about to just add then without installing unchecky?

 

[Deleted member 178]

Thanks Umbra for your guide.

I never tried the suggestion of this thread ( because I did not know about them and I don't know if they are all , hostman for examples, still compatible with W10) but unchecky adds some entries in host file too:
What about to just add then without installing unchecky?

i don't use Unchecky, but if the format is identical you can copy-paste.