Troubleshoot Should DNS Client Service Be Disabled When Using MVPS Host File?

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
Should I disable DNS Client Service while using MVPS Hosts file? I am asking this question because I am having download slow downs. My downloads are real slow-just 15 Kb/s. I am not sure whether MVPS Hosts file is the reason for this.
 
  • Like
Reactions: Sunshine-boy

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452

Attachments

  • capture_02042018_161614.jpg
    capture_02042018_161614.jpg
    282 KB · Views: 386
  • Like
Reactions: harlan4096
Upvote 0
F

ForgottenSeer 58943

Just use Netstat -a to see connections. Open command prompt, type netstat -a

Remember, without DNSClient your resolution will not be cached unless you have another program or piece of hardware caching resolutions. Your browser is ALREADY caching resolutions, so DNSClient is redundant and even slows down browsing in some cases added a secondary and unnecessary call. Chrome for example has a DNS Preresolver so once the DNS resolution is established from primary forwarder, you are much better off than using DNSClient.

For non-browsers, DNS resolution without a cache/resolver will be imperceptibly slower. Ping your DNS and find your non-browser cache speed, usually sub-20ms, something you likely won't perceive. For example if you launch a game it's resolving already during the launch period so a >20ms resolution poll won't be perceptible AT ALL..

If you have a local DNS (Pi-Hole, strongly recommended), DNSClient WILL slow everything down because it's adding a second or third layer, totally unnecessary cache to your system. If you use Heimdal, it's adding ANOTHER dns cache because Heimdal itself has a small caching agent from your primary resolver so DNSClient once again gets in your way.

We know over the years, that things like DNSClient are junk and should be disabled..

Flaw in Windows DNS client exposed millions of users to hacking

https://tools.cisco.com/security/center/viewAlert.x?alertId=11487

https://us.norton.com/online-threat...ponsespoofingvulnera-28553-vulnerability.html

https://support.microsoft.com/en-us...nerability-in-dns-client-could-allow-spoofing
 
Last edited by a moderator:
Upvote 0

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
Just use Netstat -a to see connections. Open command prompt, type netstat -a

Remember, without DNSClient your resolution will not be cached unless you have another program or piece of hardware caching resolutions. Your browser is ALREADY caching resolutions, so DNSClient is redundant and even slows down browsing in some cases added a secondary and unnecessary call. Chrome for example has a DNS Preresolver so once the DNS resolution is established from primary forwarder, you are much better off than using DNSClient.

For non-browsers, DNS resolution without a cache/resolver will be imperceptibly slower. Ping your DNS and find your non-browser cache speed, usually sub-20ms, something you likely won't perceive. For example if you launch a game it's resolving already during the launch period so a >20ms resolution poll won't be perceptible AT ALL..

If you have a local DNS (Pi-Hole, strongly recommended), DNSClient WILL slow everything down because it's adding a second or third layer, totally unnecessary cache to your system. If you use Heimdal, it's adding ANOTHER dns cache because Heimdal itself has a small caching agent from your primary resolver so DNSClient once again gets in your way.

We know over the years, that things like DNSClient are junk and should be disabled..

Flaw in Windows DNS client exposed millions of users to hacking

Microsoft Windows DNS Client Buffer Overflow Vulnerability

Microsoft Windows DNS Client Service Response Spoofing Vulnerability | | Norton

https://support.microsoft.com/en-us...nerability-in-dns-client-could-allow-spoofing

Junk. That is the right word for DNS Client. I will never enable it again. Thanks for all the help and info man.
 
Upvote 0

conceptualclarity

Level 21
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 23, 2013
1,072
Back when I used to stock my Hosts file with MVPS Host File through jv tools, i would get blocked from visiting all kinds of legitimate websites, including Newegg. When I quit MVPS Host File and only used Spybot and Malware Domain List (via HostsMan) I quit having that problem. You'll never get me to go back to MVPS Hosts File.
 
Upvote 0

The Security Guy

Level 1
Thread author
Verified
Mar 1, 2017
32
Back when I used to stock my Hosts file with MVPS Host File through jv tools, i would get blocked from visiting all kinds of legitimate websites, including Newegg. When I quit MVPS Host File and only used Spybot and Malware Domain List (via HostsMan) I quit having that problem. You'll never get me to go back to MVPS Hosts File.

'Back in the day' it may have happened but 'today' I think no such problem exists.
 
Upvote 0

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top