Eastie
2014-09-07, 00:55
Hi,
In the interest of avoiding slowdowns in browsing, I try not to let my hosts file get unnecessarily large. To that end I took a look at the thousands of hosts SS&D is adding to it during immunizations. Name resolution is taking substantially longer than necessary in general, in part because of the many injected hosts which do not have any 'A' Record IP addresses associated with them. That is; they would not resolve in any event, but time is still being taken on a constant basis to sort through one's local "database" that contains them.
I've attached a list of the needless, unresolving hosts: 11775. I found there are at least 10,000 bad entries. This does not include some bad hosts that I removed after the last time I performed a hosts-file review (with less scrutiny) subsequent to a Spybot immunization years ago. [They were blocked from being programmatically re-added.] Additionally, the zip file contains a simple command-line batch tool to verify resolution of an entire hosts file sequentially. It can take quite a long while to run. I suggest replacing one's host file temporarily and entirely with this list of expired hosts, prior to running it. The tool won't remove any entries from your hosts file; it will simply produce a list like mine - perhaps identical to it - within the folder from which it is run, of the expired/needless entries. Please examine the contents of the batch file before running, and you will plainly see that this is the task it performs. (It also describes itself onscreen at the initial run prompt.) It reads the HOSTS file in the default Windows location, ie, %SYSTEM%\drivers\etc\HOSTS.
Feel free to verify this list using the attached tool or by other means and then having done so, please trim your own HOSTS files, local and distributed. A measurable increase in users' local machine performance will result from shorter lookup times - perhaps as much a few seconds on each lookup, multiplied by a large number of lookups during every hour of operation, depending on caching scheme. NOTE: it is possible that some of these hosts (likely very few) will resolve to responding IPs for you even though I cannot find 'A' Records for them, since my DNS resolvers may already be filtering such particular hosts, system-wide.
Thanks!
In the interest of avoiding slowdowns in browsing, I try not to let my hosts file get unnecessarily large. To that end I took a look at the thousands of hosts SS&D is adding to it during immunizations. Name resolution is taking substantially longer than necessary in general, in part because of the many injected hosts which do not have any 'A' Record IP addresses associated with them. That is; they would not resolve in any event, but time is still being taken on a constant basis to sort through one's local "database" that contains them.
I've attached a list of the needless, unresolving hosts: 11775. I found there are at least 10,000 bad entries. This does not include some bad hosts that I removed after the last time I performed a hosts-file review (with less scrutiny) subsequent to a Spybot immunization years ago. [They were blocked from being programmatically re-added.] Additionally, the zip file contains a simple command-line batch tool to verify resolution of an entire hosts file sequentially. It can take quite a long while to run. I suggest replacing one's host file temporarily and entirely with this list of expired hosts, prior to running it. The tool won't remove any entries from your hosts file; it will simply produce a list like mine - perhaps identical to it - within the folder from which it is run, of the expired/needless entries. Please examine the contents of the batch file before running, and you will plainly see that this is the task it performs. (It also describes itself onscreen at the initial run prompt.) It reads the HOSTS file in the default Windows location, ie, %SYSTEM%\drivers\etc\HOSTS.
Feel free to verify this list using the attached tool or by other means and then having done so, please trim your own HOSTS files, local and distributed. A measurable increase in users' local machine performance will result from shorter lookup times - perhaps as much a few seconds on each lookup, multiplied by a large number of lookups during every hour of operation, depending on caching scheme. NOTE: it is possible that some of these hosts (likely very few) will resolve to responding IPs for you even though I cannot find 'A' Records for them, since my DNS resolvers may already be filtering such particular hosts, system-wide.
Thanks!