Troubleshoot Should DNS Client Service Be Disabled When Using MVPS Host File?

T

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
Should I disable DNS Client Service while using MVPS Hosts file? I am asking this question because I am having download slow downs. My downloads are real slow-just 15 Kb/s. I am not sure whether MVPS Hosts file is the reason for this.
 
  • Like
Reactions: Sunshine-boy
Sort by date Sort by votes
TairikuOkami

TairikuOkami

Level 38
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,708

Attachments

  • capture_02042018_161614.jpg
    capture_02042018_161614.jpg
    282 KB · Views: 418
  • Like
Reactions: harlan4096
Upvote 0
F

ForgottenSeer 58943

Just use Netstat -a to see connections. Open command prompt, type netstat -a

Remember, without DNSClient your resolution will not be cached unless you have another program or piece of hardware caching resolutions. Your browser is ALREADY caching resolutions, so DNSClient is redundant and even slows down browsing in some cases added a secondary and unnecessary call. Chrome for example has a DNS Preresolver so once the DNS resolution is established from primary forwarder, you are much better off than using DNSClient.

For non-browsers, DNS resolution without a cache/resolver will be imperceptibly slower. Ping your DNS and find your non-browser cache speed, usually sub-20ms, something you likely won't perceive. For example if you launch a game it's resolving already during the launch period so a >20ms resolution poll won't be perceptible AT ALL..

If you have a local DNS (Pi-Hole, strongly recommended), DNSClient WILL slow everything down because it's adding a second or third layer, totally unnecessary cache to your system. If you use Heimdal, it's adding ANOTHER dns cache because Heimdal itself has a small caching agent from your primary resolver so DNSClient once again gets in your way.

We know over the years, that things like DNSClient are junk and should be disabled..

Flaw in Windows DNS client exposed millions of users to hacking

https://tools.cisco.com/security/center/viewAlert.x?alertId=11487

https://us.norton.com/online-threat...ponsespoofingvulnera-28553-vulnerability.html

https://support.microsoft.com/en-us...nerability-in-dns-client-could-allow-spoofing
 
Last edited by a moderator:
  • Like
Reactions: Handsome Recluse, Azure and harlan4096
Upvote 0
T

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
ForgottenSeer 58943 said:
Just use Netstat -a to see connections. Open command prompt, type netstat -a

Remember, without DNSClient your resolution will not be cached unless you have another program or piece of hardware caching resolutions. Your browser is ALREADY caching resolutions, so DNSClient is redundant and even slows down browsing in some cases added a secondary and unnecessary call. Chrome for example has a DNS Preresolver so once the DNS resolution is established from primary forwarder, you are much better off than using DNSClient.

For non-browsers, DNS resolution without a cache/resolver will be imperceptibly slower. Ping your DNS and find your non-browser cache speed, usually sub-20ms, something you likely won't perceive. For example if you launch a game it's resolving already during the launch period so a >20ms resolution poll won't be perceptible AT ALL..

If you have a local DNS (Pi-Hole, strongly recommended), DNSClient WILL slow everything down because it's adding a second or third layer, totally unnecessary cache to your system. If you use Heimdal, it's adding ANOTHER dns cache because Heimdal itself has a small caching agent from your primary resolver so DNSClient once again gets in your way.

We know over the years, that things like DNSClient are junk and should be disabled..

Flaw in Windows DNS client exposed millions of users to hacking

Microsoft Windows DNS Client Buffer Overflow Vulnerability

Microsoft Windows DNS Client Service Response Spoofing Vulnerability | | Norton

https://support.microsoft.com/en-us...nerability-in-dns-client-could-allow-spoofing
Click to expand...

Junk. That is the right word for DNS Client. I will never enable it again. Thanks for all the help and info man.
 
Upvote 0
conceptualclarity

conceptualclarity

Level 21
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 23, 2013
1,076
Back when I used to stock my Hosts file with MVPS Host File through jv tools, i would get blocked from visiting all kinds of legitimate websites, including Newegg. When I quit MVPS Host File and only used Spybot and Malware Domain List (via HostsMan) I quit having that problem. You'll never get me to go back to MVPS Hosts File.
 
  • Like
Reactions: askmark and Evjl's Rain
Upvote 0
T

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
conceptualclarity said:
Back when I used to stock my Hosts file with MVPS Host File through jv tools, i would get blocked from visiting all kinds of legitimate websites, including Newegg. When I quit MVPS Host File and only used Spybot and Malware Domain List (via HostsMan) I quit having that problem. You'll never get me to go back to MVPS Hosts File.
Click to expand...

'Back in the day' it may have happened but 'today' I think no such problem exists.
 
Upvote 0

Similar threads

Victor M
    • +Reputation
    • Like
    • Hundred Points
  • Suggestion
Setup Idea Default Deny Windows Firewall setup How To
Replies
7
Views
3,437
PC Setup Ideas
Victor M
Victor M
F
    • Like
  • Locked
Service Host: Network List Service...Virus?
Replies
11
Views
2,442
Windows Malware Removal Help & Support
nasdaq
nasdaq
Lymphocyte
    • Like
    • +Reputation
Security News ESET repports that OilRig’s persistent attacks using cloud service-powered downloaders
Replies
0
Views
2,546
Security News
Lymphocyte
Lymphocyte

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top