abuse.ch · Domains · Slashdot Mirror

* HOWEVER: You don't NEED TO KNOW THAT, since the program above uses most all of those sources listed above, & does the work for you, of - Import, Deduplicate & Filter/Normalize + Convert blocking address format used, Speed up hardcoded favorites (which ARE what can solve redirection problems in DNS & most likely here too with facebook mind you), & Save to hosts itself... from those very reliable & reputable sources for custom hosts file data online!

APK

P.S.=> Enjoy if you use the program I wrote above, & good on your part to see here that you have enough sense to take advantage of custom hosts files for better online speed, security, reliability, & of course, even better anonymity (to an extent, vs. DNS request logs OR vs. DNSBL's you may not like too)...

... apk

Re:Let's see if this works by Anonymous Coward · 2012-12-25 11:35 · Score: 0, Funny · on You're Being DDOSed — What Do You Do? Name and Shame?

Jorge, you can name me all you want, but there is no shame is using a hosts file to block DDoS Packets. I have a foolproof list that blows away your arguments.

P.S.=> There's other methods also, via native to OS tools for network-wide propogation of fresh clean updated hosts files that program yields IF you only installed it on a "central server" for clean hosts for all nodes/workstations/servers:

I.E.-> Centrally managed hosts files? Easy as pie via logons scripts, or parse of autoexec in Windows @ bootup via GPEdit & group policies company-wide!

OR

Using taskscheduler on each workstation/server node periodically

P.P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):

http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.apkgoatsestylepersonalpics.com/hostsfiles.htm
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)

Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!

... apk

P.P.P.P.S.=> There you go... it all works, GUI easily from my app, all the way out to any endpoint PC/Server on a LAN/WAN even... often as you like & CLEAN/FRESH too!

P.P.P.P.P.S=> It's good "layered-security"/"defense-in-depth" & does things AdBlock, DNS, & even firewalls can't (like speed up access to fav. sites + make them reliable in the event of DNS poisoning redirects or being "downed" even...) & gets P.P.P.P.P.P.S.=> back SPEED/BANDWIDTH users pay for out of pocket along with their POWER BILL too...

P.P.P.P.P.P.P.S.=> I skipped P.P.P.S=>

Re:Let's see if this works by Anonymous Coward · 2012-12-25 11:35 · Score: 0, Funny · on You're Being DDOSed — What Do You Do? Name and Shame?

Jorge, you can name me all you want, but there is no shame is using a hosts file to block DDoS Packets. I have a foolproof list that blows away your arguments.

P.S.=> There's other methods also, via native to OS tools for network-wide propogation of fresh clean updated hosts files that program yields IF you only installed it on a "central server" for clean hosts for all nodes/workstations/servers:

I.E.-> Centrally managed hosts files? Easy as pie via logons scripts, or parse of autoexec in Windows @ bootup via GPEdit & group policies company-wide!

OR

Using taskscheduler on each workstation/server node periodically

P.P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the C&C servers, & that you have to obtain for this to work vs. threats like bogus servers &/or maliciously scripted sites. Here's some good sources for that above & beyond mvps.org (I noted them above):

http://hosts-file.net/?s=Download
http://www.malwaredomainlist.com/hostslist/hosts.txt
http://mirror1.malwaredomains.com/files/ (justdomains here)
http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=1&mimetype=plaintext
http://sysctl.org/cameleon/hosts
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
https://zeustracker.abuse.ch/monitor.php?filter=lastupdated
https://spyeyetracker.abuse.ch/monitor.php?filter=lastupdated
http://www.apkgoatsestylepersonalpics.com/hostsfiles.htm
http://www.malwareurl.com/
http://www.safer-networking.org/en/download/ (updater for Spybot "Search & Destroy" & it fortifies HOSTS files)

Those are some of my regular sources that are reputable & reliable for custom HOSTS file data populations vs. known threats online - I consolidate them here via programs I wrote that normalize/deduplicate repeated entries, sort/alphabetize the results, & change from larger + slower 127.0.0.1 (longer & loopback ops happen here) to the faster & smaller 0.0.0.0 (or even 0 on Windows 2000/XP/Server 2003): Enjoy!

... apk

P.P.P.P.S.=> There you go... it all works, GUI easily from my app, all the way out to any endpoint PC/Server on a LAN/WAN even... often as you like & CLEAN/FRESH too!

P.P.P.P.P.S=> It's good "layered-security"/"defense-in-depth" & does things AdBlock, DNS, & even firewalls can't (like speed up access to fav. sites + make them reliable in the event of DNS poisoning redirects or being "downed" even...) & gets P.P.P.P.P.P.S.=> back SPEED/BANDWIDTH users pay for out of pocket along with their POWER BILL too...

P.P.P.P.P.P.P.S.=> I skipped P.P.P.S=>

Agreed, 110% (& you're not alone)... apk by Anonymous Coward · 2012-09-30 07:35 · Score: 0 · on Think Tank's Website Rejects Browser Do-Not-Track Requests

"I get exactly the same effect with my Hosts file" - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

Excellent - You get better:

1.) Speed/Bandwidth
2.) "Layered-Security"/"Defense-In-Depth"
3.) Reliability (vs. downed or dns-poisoned redirected dns servers)
4.) Anonymity (to an extent, vs. DNS request logs + DNSBL)
5.) MULTI-PLATFORM ability to do the same (think smartphones, you can apply hosts there too)
6.) MORE EFFICIENT OPERATIONS (ring 0/rpl 0/kernelmode filtering @ THE IP STACK LEVEL, vs. ring 3/rpl 3/usermode layered on MORE INEFFICIENCY in browser addons)
7.) The ability to SHIELD OTHER APPLICATIONS from ads & threats (I used to do this using hosts for Opera before it was freewares, & Ubuntu users can do the same now (since part of it's adbanner sponsored now)

& FAR MORE... good choice on YOUR part, but... there's more you can do with hosts than merely adblocking (read on)!

---

"and for those that don't understand how they work, it's pretty god damn simple." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

They are, & SIMPLER than editing adblock lists, that is certain... hosts are just a text file with line records you can add/remove/alter etc. as you wish with tools you already own in text editors, but also for more?

Well, you can use the app I wrote that I posted about earlier... there's a reason I am noting this, since you are NOT USING custom hosts files TO THEIR FULL POTENTIAL!

Seriously...

(The app handles filtering them vs. comments & other bloating crap hosts files makers put in (they mean well, it's usually documentation, except MVPS which puts WAY TOO MUCH B.S. in theirs), importing hosts data from reputable & reliable sources, deduplication of hosts repeat bloating entries + making the hosts use a MORE EFFICIENT parse by using smaller blocking addresses (0.0.0.0 vs. 127.0.0.1)... & more!

---

"I never make the connection to the god damn server - no ad/malware or other crap to see. " - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

"EXACTAMUNDO" & that?

That also EXTENDS TO MALWARE LADEN SITES/SERVERS/HOSTS-DOMAINS as well as adbanners!

So - that's where you aren't using hosts to their FULL potential here (as well as the fact you can "hardcode in" your FAVORITE SITES into it, making them resolve even FASTER than remote DNS can do!)

My "APK Hosts File Engine 5.0++" does all that for you, & "automagically" IF YOU WISH (it has the option to run automatically)...

If you opt NOT to use my app? Here's the sources I import from for your reference:

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

---

"As to updating the damn thing every week? I don't do that." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

Well, per what I wrote above? Vs. mal

Agreed, 110% (& you're not alone)... apk by Anonymous Coward · 2012-09-30 07:35 · Score: 0 · on Think Tank's Website Rejects Browser Do-Not-Track Requests

"I get exactly the same effect with my Hosts file" - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

Excellent - You get better:

1.) Speed/Bandwidth
2.) "Layered-Security"/"Defense-In-Depth"
3.) Reliability (vs. downed or dns-poisoned redirected dns servers)
4.) Anonymity (to an extent, vs. DNS request logs + DNSBL)
5.) MULTI-PLATFORM ability to do the same (think smartphones, you can apply hosts there too)
6.) MORE EFFICIENT OPERATIONS (ring 0/rpl 0/kernelmode filtering @ THE IP STACK LEVEL, vs. ring 3/rpl 3/usermode layered on MORE INEFFICIENCY in browser addons)
7.) The ability to SHIELD OTHER APPLICATIONS from ads & threats (I used to do this using hosts for Opera before it was freewares, & Ubuntu users can do the same now (since part of it's adbanner sponsored now)

& FAR MORE... good choice on YOUR part, but... there's more you can do with hosts than merely adblocking (read on)!

---

"and for those that don't understand how they work, it's pretty god damn simple." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

They are, & SIMPLER than editing adblock lists, that is certain... hosts are just a text file with line records you can add/remove/alter etc. as you wish with tools you already own in text editors, but also for more?

Well, you can use the app I wrote that I posted about earlier... there's a reason I am noting this, since you are NOT USING custom hosts files TO THEIR FULL POTENTIAL!

Seriously...

(The app handles filtering them vs. comments & other bloating crap hosts files makers put in (they mean well, it's usually documentation, except MVPS which puts WAY TOO MUCH B.S. in theirs), importing hosts data from reputable & reliable sources, deduplication of hosts repeat bloating entries + making the hosts use a MORE EFFICIENT parse by using smaller blocking addresses (0.0.0.0 vs. 127.0.0.1)... & more!

---

"I never make the connection to the god damn server - no ad/malware or other crap to see. " - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

"EXACTAMUNDO" & that?

That also EXTENDS TO MALWARE LADEN SITES/SERVERS/HOSTS-DOMAINS as well as adbanners!

So - that's where you aren't using hosts to their FULL potential here (as well as the fact you can "hardcode in" your FAVORITE SITES into it, making them resolve even FASTER than remote DNS can do!)

My "APK Hosts File Engine 5.0++" does all that for you, & "automagically" IF YOU WISH (it has the option to run automatically)...

If you opt NOT to use my app? Here's the sources I import from for your reference:

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://www.stopbadware.org/
Spybot "Search & Destroy" IMMUNIZE feature (fortifies HOSTS files with KNOWN bad servers blocked)

---

"As to updating the damn thing every week? I don't do that." - by fast turtle (1118037) on Sunday September 30, @03:00PM (#41507585)

Well, per what I wrote above? Vs. mal

I can't get "hit" by these (you all know why) by Anonymous Coward · 2012-08-15 03:34 · Score: -1 · on Inside a Ransomware Money Machine

Krebs specifically notes Citadel &/or Zeus (there's variants like Ice IX too): Per my subject-line above?

I block out their C&C servers + other spreaders of them here via a custom hosts file, & "ZeusTracker" is one of my sources to do so, here -> https://zeustracker.abuse.ch/monitor.php?filter=lastupdated

What makes it EASY for me to do that, along with other sources for that type of information?

This app I wrote up!

For those of you that run Microsoft Windows 32 or 64 bit? An automated hosts file creation & mgt. program:

---

APK Hosts File Engine 5.0++ 32/64-bit:

Screenshot -> http://start64.com/images/win64/security/apk-hosts-file-engine-1.png

&

Download Site #1 -> http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

or

Download Site #2 -> http://securemecca.com/public/APKHostsFileInstaller/2012_06_01/APKHostsFileEngineInstaller32_64bit.exe.zip [securemecca.com]

a.) Extract its sfx installer file from the zipfile
b.) Run the installer from inside ANY folder you like, extracting the executables + datafiles to any folder you wish (usually one you create for it, doesn't matter where, but you MUST run it as administrator for FULL functionality (simple & the "read me" tab shows how easy THAT is to do))
c.) Then, & lastly - Run either the 32-bit OR 64-bit version (rightclick on the executable & set it to run as Administrator, OR, make a shortcut that can for FULL functionality (like write-protecting the hosts file, & more...))

---

What's it do for you?

It's a custom hosts file mgt. program that does the following for end users after it obtains custom hosts file data from 12 of the reputable & reliable sources listed below:

---

1.) Blocks out malware/malscripted sites
2.) Blocks out Known sites-servers/hosts-domains that are known to serve up malware
3.) Blocks out Bogus DNS servers malware makers use
4.) Blocks out Botnet C&C servers
5.) Blocks out Bogus adbanners that are full of malicious script content
6.) Gets you back speed/bandwidth you paid for by blocking out adbanners + hardcoding in your favorite sites (faster than remote DNS server resolution)
7.) Adds reliability (vs. downed or misdirect/poisoned DNS servers).
8.) Adds "anonymity" (to an extent, vs. DNS request logs)
9.) The ability to bypass DNSBL's (DNS block lists you may not agree with).
10.) More screen "real estate" (since no more adbanners appear onscreen eating up CPU, Memory, & other forms of I/O too - bonus!)
11.) Truly UNIVERSAL PROTECTION (since any OS, even on smartphones, usually has a BSD drived IP stack).
12.) Faster & MORE EFFICIENT operation vs. browser plugins (which "layer on" ontop of Ring 3/RPL 3/usermode browsers - whereas the hosts file operates @ the Ring 0/RPL 0/Kernelmode of operation (far faster) as a filter for the IP stack itself...)
13.) Blocks out TRACKERS
14.) Custom hosts files work on ANY & ALL webbound apps (browser plugins do not).
15.) Custom hosts files offer a better, faster, more efficient way, & safer way to surf the web & are COMPLETELY controlled by the end-user of them.

---

& MORE, in roughly 10-15 minutes runtime (on an Intel Core I7 920 Quad/4 core cpu @ 2.67ghz) & faster on faster CPU's (e.g. - Intel Core I7 3960 "extreme" 6-7 core CPUs = 7 minute runtim

21++ ADVANTAGES OF HOSTS FILES by Anonymous Coward · 2012-05-14 10:13 · Score: 0 · on The 30 Best Features of Windows

Over AdBlock & DNS Servers ALONE 4 Security, Speed, Reliability, and even Anonymity to an extent:

1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).

2.) Adblock blocks ads (not anymore apparently, lol:

Adblock Plus To Offer 'Acceptable Ads' Option

http://news.slashdot.org/story/11/12/12/2213233/adblock-plus-to-offer-acceptable-ads-option )

in only browsers & their subprogram families (ala email), but not all, or, all independent email clients, like Outlook!)

Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc..

3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.

4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).

5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions (in-addr.arpa) via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).

* NOW - Some folks MAY think that putting an IP address alone into your browser's address bar will be enough, so why bother with HOSTS, right? WRONG - Putting IP address in your browser won't always work IS WHY. Some IP adresses host several domains & need the site name to give you the right page you're after is why. So for some sites only the HOSTS file option will work!

6.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can.

7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:

GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):

http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/downloads/
http://hosts-file.net/?s=Download
https://zeustracker.abuse.ch/monitor.php?filter=online
https://spyeyetracker.abuse.ch/monitor.php
http://ddanchev.blogspot