Results 1 to 6 of 6

Thread: Please help me understand hosts files

  1. #1
    Junior Member
    Join Date
    Jul 2008
    Posts
    11

    Default Please help me understand hosts files

    I am just learning about hosts files and this is what I have so far.

    A hosts file is a list of internet (site) domain names paired with an IP address. The hosts file is loaded into memory before any internet site is called. When a call is made, hosts is checked first. If the internet site is in hosts, then the call is directed to the corresponding IP address (not necessarily the site's actual IP address).

    From what I understand, the Spybot hosts file is a list of sites that have been known to perpetuate nasties; each site is paired with the generic address for the local machine (127.0.0.1): The Spybot S&D hosts file is set up so that each nasty site is redirected to your local IP address (127.0.0.1). This effectively blocks you from ever actually connecting to the bad site: The nasty site cannot its perform malicious deeds on your system.

    To view and edit your hosts file using Spybot S&D: If not in advanced mode, click on mode and select advanced, then select tools in the left pane, check the box beside hosts file in the right pane, and select hosts file in the left pane.

    1) Is my understanding correct?

    2) When you click on the "+ Add Spybot S&D hosts file" bar, what happens?

    I have MVPhosts and am considering adding that hosts file to Online Armor firewall. 3) Is this advisable? 4) Is it necessary?

    5) How can I find out what each "nasty" internet site is purported to do?

  2. #2
    Senior Member
    Join Date
    Oct 2005
    Location
    Los Angeles
    Posts
    219

    Default

    I suppose you could use the txt version of MVPS hosts as a blocklist however I'd post that question in the firewall's forum

    Let's talk about a regular Host file in C:/HOSTS
    When you load the MVPS file with the hosts manager I think it removes all current hosts entries and replaces them
    sooooo
    If you want to also have the spybot entries you must re-immunize or go to advanced mode and add hosts
    I'm not quite sure how hosts work with updates and immunize as this is a relatively new feature of spybot- (or I just saw it

    However you will now have the MVPS entries followed by a line
    begin entries added by spybot
    spybot entries here
    end entries added by spybot

    you will have many duplicate enteries
    you can use a host manager to merge the lists
    up to you
    the duplicate lists do not actually take that long to scan- however large hosts list will

    remember if you look at your host file when you save it you must save without an extension
    OR
    save as txt then go in and rename the file from HOST.txt to HOST
    no problem with host.bak or host.old etc

    Man- you want to check out thousands of entries?
    try google
    about the only time you need to do this is if a site you want is being blocked and you want to know why---GOOD IDEA- be cautious
    then google and post question in this forum

    Gorilla design studio website and mvps websites and HPHosts all have more information on hosts than you want to know

    people also use Eric Howe's IE-SPyads list as the basis for firewall blocklists
    let's hope more regular updates are forthcoming

    let us know what you find out from online armor
    some hardware firewalls allow blocklists as do some servers

  3. #3
    Junior Member
    Join Date
    Jul 2008
    Posts
    11

    Default

    All good information, but it will take a while to digest. Thank you for taking the time to answer in such detail. I had already come to the conclusion that it was best to trust the lists, then look deeper when I was blocked from using a site.

    Also, I saw what was written about hosts in this sticky and it is very concise and understandable.
    Last edited by Cirdan; 2008-07-14 at 20:49.

  4. #4
    Senior Member
    Join Date
    Oct 2005
    Location
    Los Angeles
    Posts
    219

    Default

    Ah the Old Get Smart Check the Stickies, FAQ and Search trick
    MD_USA_SPYBOT_FAN writes well

    What is new to me is that I'd never noticed Spybot adding to Host with immunize
    I'd always done it through Advanced Mode
    there is also a setting in spybot to try and help protect host from unauthorized changes

  5. #5
    Junior Member
    Join Date
    Jul 2008
    Posts
    11

    Default

    Quote Originally Posted by wyrmrider View Post
    Ah the Old Get Smart Check the Stickies, FAQ and Search trick
    Yes. I should have started there.

    Quote Originally Posted by wyrmrider View Post
    MD_USA_SPYBOT_FAN writes well
    Yes. I wish that I wrote as well as he does.

    Quote Originally Posted by wyrmrider View Post
    What is new to me is that I'd never noticed Spybot adding to Host with immunize
    I'd always done it through Advanced Mode
    I had seen elsewhere that immunize does that and had seen that it is also recommended to "unimmunize" before immunizing. I guess this is the "undo" function.

    Quote Originally Posted by wyrmrider View Post
    When you load the MVPS file with the hosts manager I think it removes all current hosts entries and replaces them
    sooooo
    If you want to also have the spybot entries you must re-immunize or go to advanced mode and add hosts
    Thank you for this information. I have seen, also, that the process is: MVPS backs up the current hosts, then creates a new one.

    Quote Originally Posted by wyrmrider View Post
    I'm not quite sure how hosts work with updates and immunize as this is a relatively new feature of spybot- (or I just saw it

    I'm going to start with a fresh MVPS hosts, then check out the results of immunize, reimmunize and undo on hosts. I'm even more curious now.

    Quote Originally Posted by wyrmrider View Post
    there is also a setting in spybot to try and help protect host from unauthorized changes
    I understand that this is an easy exploit to redirect a legitimate site to your malicious look-alike through hosts.

    Quote Originally Posted by wyrmrider View Post
    I suppose you could use the txt version of MVPS hosts as a blocklist however I'd post that question in the firewall's forum
    I use Online Armor firewall and it has a hosts section. If you open a hosts file while this section is active, entries are imported to the OA hosts. You can then easily edit hosts by allowing or denying the entry to exist in hosts. OA monitors changes in hosts and notifies when a program wants to change hosts. This gives you a chance to block the change in real time.

    Thank you, again, for posting on this subject.

  6. #6
    Senior Member
    Join Date
    Oct 2005
    Location
    Los Angeles
    Posts
    219

    Default

    I did not know that about online armor
    learn something new every day
    thanks

    I think I read that Immunize has been adding to hosts since 1.5- I just never noticed
    I'd always used the method in advanced mode

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •