Should I disable DNS Client Service while using MVPS Hosts file? I am asking this question because I am having download slow downs. My downloads are real slow-just 15 Kb/s. I am not sure whether MVPS Hosts file is the reason for this.
Should DNS Client Service Be Disabled When Using MVPS Host File?
- Thread starter The Security Guy
- Start date
DNS and Host have no impact on download. DNS would be slow resolutions or lack of resolution and speed related to resolution. But not actual speed or download speed, etc.
Upvote
0
yes you should disable it if you have many entries in your hosts file
if you have very few entries, you can keep it enabled
I tried to keep it enabled but my browsing speed noticeably decreased
after disabling, it was a lot faster
I think it doesn't affect the download speed. Perhaps, the download server was having some problems. Try a different download manager
if you have very few entries, you can keep it enabled
I tried to keep it enabled but my browsing speed noticeably decreased
after disabling, it was a lot faster
I think it doesn't affect the download speed. Perhaps, the download server was having some problems. Try a different download manager
Last edited:
Upvote
0
OK. Do you think MVPS Hosts file is big enough that I should disable DNS Client Service? And If I disable it will I get internet or will I have any other problems or any other thing that I should be aware of?
Upvote
0
- May 13, 2017
- 2,489
You need to setup DNS servers manually before disabling the service, otherwise DNS lookup will fail.
Windows 10 Configuration
Upvote
0
it's big enough
I consider >100 entries are big
when you disable DNSclient, make sure you allow all of your programs are able to connect to port 53 unless they will fail to connect to the internet
I noticed when I block port 53 of chrome, it failed to connect when DNSclient was disabled but was working fine with DNSclient enabled
I allowed chrome to connect to port 53, it's working well now
so far, this is the only thing I notice
Last edited:
Upvote
0
- May 13, 2017
- 2,489
Why not? It prevents DNS poisoning, plus a few more things. Unless you are far from DNS server, you do not need caching anyway.
How to enable/disable DNS cache in Kaspersky Anti-Virus 6.0 for Windows Workstations MP4
Upvote
0
because we are in Europe so the speed difference is not easily noticeable
I have 2000 entries in my hosts and I could notice some slowdown with DNSclient on. You can try to disable it and compare the difference although it's not so obvious
Upvote
0
- Aug 17, 2013
- 1,905
I've never suffered a DNS poisoning attack. A lot of these attack vectors and Malware we here of are not really going to affect that many savvy MT members.
Upvote
0
DNS Client is just local caching of DNS. DNS Client can safety be disabled and won't impact your computer or any programs on it for the most part, but resolution of DNS entries may be 'slightly' slower. DNS Client is basically your local DNS Cache so resolution doesn't have to traverse the WAN. A host file is loaded into the DNS Client, and after X number of entries it can cause slow resolutions. (but not slow speed)
DNS Client actually has MANY issues. First, it can be used to spy on you. A piece of malware, spyware or telemetry gathering tool can harvest plain-text stored DNS Client Cache and determine every site you've ever visited since the last flush. As you can see this is problematic. STEAM has used DNSClient to spy and discover if people went to cheating websites, then VAC ban them as a result of DNSClient Cache without any evidence of actual hacking use.
Steam's VAC protection now scans and transfers your DNS cache - gHacks Tech News
Windows DNS Resolution also uses Multi-Homed. What this does is Windows seeks out 'other' DNS sources on your network of it's own accord to find a 'faster' resolution other than primary DNS forwarder. This is both dangerous and reckless as it violates DNS integrity on a network and can cause DNS Hijacking. If a closer DNS is maliciously served, then all entities on your network change resolution to the multi-homed version which has a shorter resolution time. This 'feature' of Windows should be immediately disabled.
Can DNSClient go away? Certainly. Will it slow resolution? Possibly.. There are many variables. If you have a fast DNS resolver then the impact will be tiny if at all noticeable. If your router caches DNS and has a fast forwarder you won't notice any decline. If you have a local DNS Server (Windows Server, BIND, Pi-Hole)then you may want to disable it. Also they've greyed out the service controls for it so you need to get more creative to disable it. Despite this client being a targeted service for Malware, Microsoft has decided you should always have it on..
Microsoft assumes almost nobody plays in the registry but you can safely disable DNS Client by changing START TYPE to 4 (from 2) in;
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache
I've disabled it on every machine. I don't want M$ caching everything I visit, do you? Besides, my local DNS server is WAY faster than windows and actually made my resolutions noticeably faster once it was disabled.
DNS Client actually has MANY issues. First, it can be used to spy on you. A piece of malware, spyware or telemetry gathering tool can harvest plain-text stored DNS Client Cache and determine every site you've ever visited since the last flush. As you can see this is problematic. STEAM has used DNSClient to spy and discover if people went to cheating websites, then VAC ban them as a result of DNSClient Cache without any evidence of actual hacking use.
Steam's VAC protection now scans and transfers your DNS cache - gHacks Tech News
Windows DNS Resolution also uses Multi-Homed. What this does is Windows seeks out 'other' DNS sources on your network of it's own accord to find a 'faster' resolution other than primary DNS forwarder. This is both dangerous and reckless as it violates DNS integrity on a network and can cause DNS Hijacking. If a closer DNS is maliciously served, then all entities on your network change resolution to the multi-homed version which has a shorter resolution time. This 'feature' of Windows should be immediately disabled.
Can DNSClient go away? Certainly. Will it slow resolution? Possibly.. There are many variables. If you have a fast DNS resolver then the impact will be tiny if at all noticeable. If your router caches DNS and has a fast forwarder you won't notice any decline. If you have a local DNS Server (Windows Server, BIND, Pi-Hole)then you may want to disable it. Also they've greyed out the service controls for it so you need to get more creative to disable it. Despite this client being a targeted service for Malware, Microsoft has decided you should always have it on..
Microsoft assumes almost nobody plays in the registry but you can safely disable DNS Client by changing START TYPE to 4 (from 2) in;
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache
I've disabled it on every machine. I don't want M$ caching everything I visit, do you? Besides, my local DNS server is WAY faster than windows and actually made my resolutions noticeably faster once it was disabled.
Last edited by a moderator:
Upvote
0
OK. I disabled DNS Client and everything seems to be working fine. But I don't see how I will be able to check if programs are able to access port 53?
Upvote
0
you can use TCPView -> press Ctrl+R or press the letter A icon next to the floppy disk icon (Under options) -> look at the "Remote port" column, you will see if any program is using port 53 or 5353
Upvote
0
they don't always use them. just sometimes when they need, especially after we disable DNSclient. Sometimes, I monitor my network, I see port 53 popping up
with DNSclient enabled, port 53 is almost always using if I'm not mistaken
Upvote
0
Similar threads
