I am just learning about hosts files and this is what I have so far.

A hosts file is a list of internet (site) domain names paired with an IP address. The hosts file is loaded into memory before any internet site is called. When a call is made, hosts is checked first. If the internet site is in hosts, then the call is directed to the corresponding IP address (not necessarily the site's actual IP address).

From what I understand, the Spybot hosts file is a list of sites that have been known to perpetuate nasties; each site is paired with the generic address for the local machine (127.0.0.1): The Spybot S&D hosts file is set up so that each nasty site is redirected to your local IP address (127.0.0.1). This effectively blocks you from ever actually connecting to the bad site: The nasty site cannot its perform malicious deeds on your system.

To view and edit your hosts file using Spybot S&D: If not in advanced mode, click on mode and select advanced, then select tools in the left pane, check the box beside hosts file in the right pane, and select hosts file in the left pane.

1) Is my understanding correct?

2) When you click on the "+ Add Spybot S&D hosts file" bar, what happens?

I have MVPhosts and am considering adding that hosts file to Online Armor firewall. 3) Is this advisable? 4) Is it necessary?

5) How can I find out what each "nasty" internet site is purported to do?

I suppose you could use the txt version of MVPS hosts as a blocklist however I'd post that question in the firewall's forum

Let's talk about a regular Host file in C:/HOSTS
When you load the MVPS file with the hosts manager I think it removes all current hosts entries and replaces them
sooooo
If you want to also have the spybot entries you must re-immunize or go to advanced mode and add hosts
I'm not quite sure how hosts work with updates and immunize as this is a relatively new feature of spybot- (or I just saw it :)

However you will now have the MVPS entries followed by a line
begin entries added by spybot
spybot entries here
end entries added by spybot

you will have many duplicate enteries
you can use a host manager to merge the lists
up to you
the duplicate lists do not actually take that long to scan- however large hosts list will

remember if you look at your host file when you save it you must save without an extension
OR
save as txt then go in and rename the file from HOST.txt to HOST
no problem with host.bak or host.old etc

Man- you want to check out thousands of entries?
try google
about the only time you need to do this is if a site you want is being blocked and you want to know why---GOOD IDEA- be cautious
then google and post question in this forum

Gorilla design studio website and mvps websites and HPHosts all have more information on hosts than you want to know

people also use Eric Howe's IE-SPyads list as the basis for firewall blocklists
let's hope more regular updates are forthcoming

let us know what you find out from online armor
some hardware firewalls allow blocklists as do some servers

All good information, but it will take a while to digest. Thank you for taking the time to answer in such detail. I had already come to the conclusion that it was best to trust the lists, then look deeper when I was blocked from using a site.

Also, I saw what was written about hosts in this sticky (http://forums.spybot.info/showthread.php?t=281) and it is very concise and understandable.

Ah the Old Get Smart Check the Stickies, FAQ and Search trick
MD_USA_SPYBOT_FAN writes well

What is new to me is that I'd never noticed Spybot adding to Host with immunize
I'd always done it through Advanced Mode
there is also a setting in spybot to try and help protect host from unauthorized changes

Ah the Old Get Smart Check the Stickies, FAQ and Search trick

Yes. I should have started there.


MD_USA_SPYBOT_FAN writes well

Yes. I wish that I wrote as well as he does.


What is new to me is that I'd never noticed Spybot adding to Host with immunize
I'd always done it through Advanced Mode

I had seen elsewhere that immunize does that and had seen that it is also recommended to "unimmunize" before immunizing. I guess this is the "undo" function.


When you load the MVPS file with the hosts manager I think it removes all current hosts entries and replaces them
sooooo
If you want to also have the spybot entries you must re-immunize or go to advanced mode and add hosts

Thank you for this information. I have seen, also, that the process is: MVPS backs up the current hosts, then creates a new one.


I'm not quite sure how hosts work with updates and immunize as this is a relatively new feature of spybot- (or I just saw it


I'm going to start with a fresh MVPS hosts, then check out the results of immunize, reimmunize and undo on hosts. I'm even more curious now.


there is also a setting in spybot to try and help protect host from unauthorized changes

I understand that this is an easy exploit to redirect a legitimate site to your malicious look-alike through hosts.


I suppose you could use the txt version of MVPS hosts as a blocklist however I'd post that question in the firewall's forum

I use Online Armor firewall and it has a hosts section. If you open a hosts file while this section is active, entries are imported to the OA hosts. You can then easily edit hosts by allowing or denying the entry to exist in hosts. OA monitors changes in hosts and notifies when a program wants to change hosts. This gives you a chance to block the change in real time.

Thank you, again, for posting on this subject.

I did not know that about online armor
learn something new every day
thanks

I think I read that Immunize has been adding to hosts since 1.5- I just never noticed
I'd always used the method in advanced mode