Slashdot Mirror

"Web anti malware firm Dasient has published data claiming that more than 1 million Web sites were compromised in the second quarter, 2010 - a sharp increase. *In Sean Connery's James Bond voice* Of course they have." - by AnonymousClown (1788472) on Thursday September 16, @12:25PM (#33600940)

I don't know about THAT, however? Well - I DO know that my personal custom HOSTS file is nearly @ 1 million absolutely unique entries of known bad sites/servers, and it took me nearly 10++ yrs. now to get it to that # no less!

I populate it from very reputable & reliable sources listed below:

----

http://ddanchev.blogspot.com/
http://www.malware.com.br/lists.shtml
http://securitylabs.websense.com/content/alerts.aspx
http://www.stopbadware.org/
http://blog.fireeye.com/
http://mtc.sri.com/
http://www.scansafe.com/threat_center/threat_alerts
http://news.netcraft.com/
http://www.shadowserver.org/
https://zeustracker.abuse.ch/monitor.php?filter=online
http://en.wikipedia.org/wiki/Hosts_file
http://www.mvps.org/
http://someonewhocares.org/
http://hostsfile.mine.nu/hosts0
http://hosts-file.net/?s=Download
http://www.stopbadware.org/home

+ Spybot "Search & Destroy" IMMUNIZE feature add ons also...

----

In fact, as far as growth this summer alone? It's been more than usual, and last summer last year was the same it seems/iirc too...

However: Ahem - 1 million++ new known bad sites &/or servers, & in just 1 quarter?

(Hey, anything's possible, but that's a bit "excessive/steep" imo @ least... still, one never knows! Still, I somehow DOUBT it's that bad out there. Yes, it's bad, but not THAT bad... I don't think so @ least, and I tend to keep pretty steady-eddy tracking of this up (for over 10++ yrs. now @ sites & sources such as those listed above via populating my custom HOSTS file for both added security AND added speed))

I.E./E.G.-> The # of entries of known bad sites &/or servers in my HOSTS file, which a great deal of came from my sources listed above no less, had grown this year from July 15th 2010 to Sept. 15th 2010 by almost 18,000 entries alone at the tail-end of this summer alone (up to 881, 543++ total entries, & gaining typically between 50-250 more each day).

It's crazy out there now, but it doesn't affect "me or mine", because I cannot be hurt by that which I cannot enter to get hurt by it, such as a bad website that's malscripted or bears a malware, because that's what HOSTS files do, at least part in the way of security (and more for speed such as adbanner blocking (which also helps security too, because many a banner ad has been found with malicious code in it too the past few years now as well), and site IP-to-URL hardcoding): HOSTS files, if done right, can keep you from getting burned in a bogus kitchen, so-to-speak!

Still - 1 million++ new known bad sites in just 1 quarter this year 2010? I have trouble with that estimation, in believing it to be blunt about it, & yes, I have been looking at this type of data for quite a long time now (over 10++ yrs. in fact, in making a custom HOSTS file to protect vs. this type of lunacy).

APK

P.S.=> Since I

10 ADVANTAGES OF HOSTS FILES OVER BROWSER ADDONS ALONE, & EVEN DNS SERVERS:

1.) HOSTS files eat A LOT LESS CPU cycles than browser addons do no less (since browser addons have to parse each HTML page & tag content in them)!

2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).

3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).

4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).

5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).

6.) HOSTS files are EASILY user controlled, updated and obtained (for reliable ones see mvps.org ) & edited too, via texteditors like Windows notepad.exe or Linux nano or kate (etc.)

7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers, as they are NOT code, & because of what's next too

8.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.

9.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE - NOT just a single webbrowser type (e.g. FireFox/Mozilla & its addons exemplify this, such as ADBLOCK) and you already own one, and they run on any OS that uses the BSD reference design IP stack (all of them today pretty much if NOT all of them).

10.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - You might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...

Still, it's a GOOD idea to layer in the usage of BOTH browser addons for security like adblock, &/or NoScript!

(Especially the latter one in NoScript: I mention it, because it covers what HOSTS files can't in javascript (which is the main deliverer of MOST attacks online & SECUNIA.COM can verify this for anyone really by looking @ the past few years of attacks nowadays), for the concept of "layered security").

****

Of course, you also have to note that ADBLOCK IS DETECTABLE ITSELF, AND BLOCKABLE, also! Proof? Ok:

----

ArsTechnica blocking Adblock?

https://adblockplus.org/forum/viewtopic.php?f=2&t=5266

----

However, they could NOT do that to HOSTS files users though! So, due to that? See the above 10 points in favor of HOSTS files (especially over adblock alone)...

APK

P.S.=> Best part of all is, HOSTS files are 100% FREE, and they work (you already own one) and reliable reputables copies can be obtained from these sources: http://www.mvps.org/winhelp2002/hosts.htm (MVPS version) as a single example thereof... apk

No way to archive Entourage data with Spotlight.

Actually, there is:
Using Spotlight to search Entourage.

Hosts files don't support wildcards...

A better solution is to just get a good hosts file :)

I highly recommend MVPS HOSTS. It blocks pretty much all of the nasties and it's updated regularly.

A proper hosts file can help here. http://www.mvps.org/winhelp2002/hosts.htm/

From my experience, any speedup gained from using 0.0.0.0 instead of 127.0.0.1 would only be detectable by measurement. I've been using a long, custom /etc/hosts file for many years now. I had one on my 800 MHz, single-core, G3 iBook and there was absolutely no noticeable slowdown--and I even had Apache up and running, serving up a custom 404 so I could see a note whenever it blocked an ad (in an IFRAME; images just came in as broken) and it even logged all 404s because I never bothered to turn logging off. It ran just fine, and today's hardware is one or two orders of magnitude faster. However, the speedUP due to blocked ads was QUITE noticeable.

Here's how to test: go to 127.0.0.1/blop. Maybe relead a few times. Watch how fast the page loads. Does it take a while? No? Then don't worry about it. I'm on an iMac right now with web serving off and when I type in that address and press 'enter', Safari finishes drawing its error message before my finger is off the key.

By the way, AdBlock and proxy servers are also cool but the thing I like about /etc/hosts is that it works with every browser, for every user, and needs no configuration. Then I also install a flash blocker on a per-browser basis and the Web is a happy place.

How about going back to basic Internet technology as an approach to help solve this? Most of us know about the host file. Let's spread the word about what can be achieved with that. It can help reduce many threats, including tracking. And it's totally platform independent. Here is an example of what can be done easily for most people: http://www.mvps.org/winhelp2002/hosts.htm Download it, read a bit and get rid of ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. Many others can be found. Heck, you could even manage it yourself like I used to back then if you are masochist. The only drawback is that it makes some pages look real ugly. But then, do you actually need to go there if it is so riddled with garbage?

/etc/hosts FTW

A custom /etc/hosts file is not the ultimate solution for all of your ad-blocking needs, but it's DAMN handy and, contrary to what some people will tell you, it does NOT hurt the system in any way. I had a large custom /etc/hosts file on an old machine--a single-core 800 MHz G3 iBook--and the only performance difference I noticed was the gigantic INCREASE in speed when browsing. I had Apache running with a custom 404 that said "Another blocked ad!" and even though you only see it for iframe ads, I still saw it a LOT. Bonus: /etc/hosts works on all installed browsers with no configuration needed, so even a naked install of Chrome, Opera, IE, whatever, is pretty nice even before you configure all the browser-specific adblockers.

Security in layers, man. But even all by itself, /etc/hosts kicks all kinds of ass. Even when I use Safari with no other ad blocking software, the Web is a pretty pleasant place. (Especially if you also add ClickToFlash.)

mvps.org hosts lists is a nice start.

I usually combine it with chrome ad hiding capabilities.

then install a adblocking hosts file.

http://www.mvps.org/winhelp2002/hosts.htm

If your phone is jailbroken you can replace your hostsfile with your own. There are several hostsfiles available that are targeted at blocking ad / malware sites. ( http://www.mvps.org/winhelp2002/hosts.htm for example )

That way it's not only your browser that won't recieve any ads but every application on the device will be ad free as well. Saves you bandwith and anoyance :)

Two pieces:

Ad blocking hosts file

Flashblock

Web browsing just got a whole lot faster.

The first ad with sound that I encountered on the internet was an ad for some soda. (Coke or pepsi, don't know, don't care)

You get 1 guess what the sound effect was. :)

Yep, that's right. "KA-CHUNK. SLLLLLLLLLLLLUUUUUUUUUUUURRRRRRRRRRRRRRRRRRRRRRPPPPPPPPPPPPPP! AHHHHHHHHHHHHHHHHHHHHHHHHH"
(wow even slashdot's posting filter thinks my TEXT rendition is annoying :)

You get 1 guess where I was when I encountered that ad. :)

Yep, that's right, at work. I had the sound turned up because I was listening to music that was quiet, too.

I installed Proxomitron that same day. I even wrote some custom filters for it. When that project died I switched to the hosts file everyone knows about. ( http://www.mvps.org/winhelp2002/hosts.htm - #3 on Google for "hosts")

To all sites: serious about getting viewers to see your ads?

First, don't make them so damn annoying. Don't allow crappy ads on your site, period.
Second, use your own ad server. If it's not in the hosts file, I don't block it unless it becomes an annoyance.

I was all ready to jump on board. Then I read the following two things that made the skies cloud over on my parade.

Editors Note: in most cases a large HOSTS file (over 135 kb) tends to slow down the machine.

To view the HOSTS file in plain text form. (599 kb)

On Mac OS X, Safari and a custom /etc/hosts file does it for me. Oh, and ClickToFlash FTW.

What ads?

> head -5 /etc/hosts
##
# Host Database
#
# This MVPS HOSTS file is a free download from:
# http://www.mvps.org/winhelp2002/

Apparently, you are not a Excel user.
Try copy/pasting your post above into an Office '97 Excel cell and see what happens.

Option to do something like that correctly wasn't added until the 2007 edition.
Why?
Was it because Microsoft is an evil heartless corporation that intentionally chokes and cripples their own applications just so they can keep selling you another version WITH those options a few years down the road?
Or could it have something to do with available processing power and memory on an average PC in '97, 2000, 2003 and 2007?

Also, if you find Office '97 a paragon of text and statistical data editing, publishing and presenting... You need to get out more.

Though I still really wish I had Ghostery and NoScript.

IMO there is no need for them with a good HTTP proxy like Privoxy. Add a bit of Incognito use and a good user.action file, and all is great. I made my own user.action file ages ago from the MVPs.org hosts file, and ever since the world has been good. It's here if you are interested.

Opera and a good hosts file can go a long way in keeping the riff raff off your system.

http://www.mvps.org/winhelp2002/hosts.htm

Its not security by itself but I find it combined with some other stuff really helps (I install this little thing on almost every machine I get my hands on, even an out dated version is better then nothing)

A cool side benefit of this hosts file is that it blocks a lot of ads (I guess by extension a lot of ads possibly loaded by compromised web pages?)

Per my subject-line above, & this URL below (where you asked your questions):

http://slashdot.org/comments.pl?sid=1495166&cid=30715150

"Hi APK :)" - by Foredecker (161844) * on Sunday January 10, @11:57AM (#30715150) Homepage Journal

Hello Foredecker!

----

"Happy new year! Its been the Christmas and New years holiday. I've been on vacation. So has almost anyone else I'd need to talk to about this. We're all back now, but we're all very busy getting going after the Holidays." - by Foredecker (161844) * on Sunday January 10, @11:57AM (#30715150) Homepage Journal

Great, that's good news (& pretty much what you wrote in your email also)...

----

"Be patient :) Ill get to this. I just dont know when. I think I can get back to you by mid February, but it may be March.." - by Foredecker (161844) * on Sunday January 10, @11:57AM (#30715150) Homepage Journal

That's ok - See... this isn't just for "my benefit", but for all the folks that use HOSTS files

(Folks like Mr. Oliver Day @ securityfocus.com -> http://www.securityfocus.com/columnists/491 who KNOWS it gains you better online speeds AND security (as he states it in his article there for SYMANTEC) , the folks @ mvps.org -> http://www.mvps.org/winhelp2002/hosts.htm and the folks @ bluetack/BISS who do also -> http://blocklistpro.com/biss-hosts-file-manager.html & many others online, like myself, who know BOTH the added speed and security benefits inherent in the use of a CUSTOM HOSTS file...

I mean, hey - After all:

You folks @ Microsoft can regain what you yourselves made as a BETTER STANDARD (setting a new one) in HOSTS files being able to use a 0 blocking address (which in turn yields a faster internal parsing format per each line record in a HOSTS file for blocking purposes by doing so, because of less characters per line (using 0, vs. 0.0.0.0 or worse yet, 127.0.0.1) as well as a small HOSTS file...) back as far as Windows 2000, albeit, in a service pack AFTER its original distro on CD... which you kept up even into VISTA, up until MS "Patch Tuesday" on 12/08/2008, when it was suddenly removed... why though?

The fairly "recent" changes to the IP stack in VISTA/Windows Server 2008/Windows 7 have resulted in some "StRaNgE" stuff happening like -> http://www.microsoft.com/technet/security/bulletin/ms09-050.mspx OR here -> http://www.microsoft.com/technet/security/advisory/977544.mspx and, of course, what rootkit.com said about unhooking the firewall design based on NDIS6/WFP now being EASIER TO UNHOOK THAN THE OLDER MODELS OF WINDOWS HAD -> http://www.rootkit.com/newsread.php?newsid=952 ...

(I'm only trying to help you AND your company, by pointing this issue I have noted on HOSTS files being unable to use a 0 blocking address internally is all (because HOSTS files are invaluable for gaining both SPEED, and LAYERED SECURITY)... &, because the numbers & "physics of it" tend to bear out what I state here as the absolute truth is all as to the efficiency of the 0 blocking address format, vs. 0.0.0.0 &/or 127.0.0.1 ...)

There is, again, per my email to you, another issue surrounding this: That's the local DNS Client Cache FAILING on larger HOSTS files... that's another one to look into, in regards to this HOSTS files issue too.

Ok then, let's be PRECISE:

"Well, that was a useless 12000 character post. All you have done is failing to rebut my rebuttals" - by icebraining (1313345) on Saturday January 16, @04:49PM (#30793396)

What EXACTLY did I fail to disprove from YOUR end? I addressed each of your points, & it still appears I have MORE IN HOSTS FILE'S FAVOR, vs. ADBLOCK, by far... so, let's look @ your list again:

"Good luck using the Hosts file in a computer where you don't have admin privileges.

Also, the Hosts file can't be auto-updated, like adblock [adblockplus.org].

And Hosts file block all the domain - good luck blocking that big annoying image or flash animation that's served from the same domain as the content.

And as far as I know Adblock removes the ad *before* Firefox tries to load it, so I doubt it even sends a DNS request. But with Firefox you can use both Adblock and Hosts, and get the advantages of the two. Chrome can't." - by icebraining (1313345) on Friday January 15, @04:18PM (#30784074)

OK, then, here we go, vs. YOUR "POINTS" on HOSTS being 'inferior to' ADBLOCK:

----

1.) Easily overturned, even on VISTA/Windows Server 2008/Windows 7 via "Run as Administrator" type priveleges, or, just resetting file/folder ACL's (easy to do no less on all accounts)

2.) AutoUpdating HOSTS files is as simple as going to mvps.org or here -> http://www.mvps.org/winhelp2002/hosts.htm since it is REGULARLY updated there (or, just by using SPYBOT S&D, or others of the numerous sources I noted here for that)

3.) Blocking out ENTIRE DOMAINS is necessary & useful for security (Especially when they're KNOWN as malware purveyors, or botnet "C&C servers", &/or maliciously coded site pages or adbanners even (yes, they too have been shown to harbor malicious code too many times now the past 4-5 yrs.)... & "turning off" a HOSTS file is just RENAMING it temporarily, OR, just "editing out" the potentially 'offending' record from your HOSTS file, using a text editor like notepad.exe!

4.) NOT FOR HARDCODED WEBSITES (like favs. your regularly visit), because a HOSTS file is the FIRST THING your IP stack looks to for HOSTNAME/DOMAINNAMES in URL's resolution to their correct IP address (before DNS servers are queried mind you)? You get that correct resolution, FAR FASTER (& safer actually, per my next point -> ) & SAFER than from more than POTENTIALLY EXPLOITED (see Dan Kaminsky online for PLENTY of evidence to this) OR EVEN DOWNED or "DNS POISONED" DNS Servers (you will STILL reach those favs. even if a DNS server is down, & safely, IF POISONED).

----

(Those ARE my "rebuttals" to each of your points from your original list above (& they're solid enough on MY part!))

APK

P.S.=> Once more - Here is my list, in FAVOR of HOSTS FILES, vs. ADBLOCK (amended per the 1 point you did make I can't overcome for ALL circumstances (just most though, lol)):

(Again, disprove EACH POINT I MAKE, CONCLUSIVELY (not just in certain circumstances ONLY))

10 POINTS IN FAVOR OF HOSTS FILES vs. ADBLOCK:

----

1.) HOSTS files eat no CPU cycles like browser addons do no less!

2.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://en.wikipedia.org/wiki/Hosts_file [wikipedia.org] [wikipedia.org] ) & edited too (as is adblock) via any text editor (which every system has).

3.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are (OR, even DNS servers).

4.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE

5.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even

6.) HOSTS files are also NOT se

You can block the ads via hosts file: http://www.mvps.org/winhelp2002/hosts.txt

IPv4 I would think so, my HOSTS file is 600kB from http://www.mvps.org/winhelp2002/hosts.htm (I don't soley rely on it as I also use AdBlock+ with FF), but if everything went IPv6 overnight the blocklists could get into some seriously ludicrus filesizes.

You missed a lot of other google owned ad tracking services & blocked the sites he wants to use. There are a huge list of google ad servers. Grab the hosts file from: http://www.mvps.org/winhelp2002/hosts.htm they keep that updated & it'll block some of the other ad & spy stuff too.

Also make sure 'Web History' isn't enabled on your google accounts (my account page), or when you're logged out (top right corner of search results).

You have to give up some privacy as the cost of using their services, but it's quite easy to block some of their tracking.

It looks like a hosts file is what you want then. If you really don't want to spend any time on it, just download the MVPS HOSTS file from http://www.mvps.org/winhelp2002/hosts.htm but that blocks pretty much everything. Otherwise just put the few in there that you want to block.

I prefer to support those sites that I like to visit since I'm not paying them. I'm not really going to pay much attention to their ads, but at least they'll make enough to cover the cost of serving the page to me. I just want block the egregious ones. Sounds like you're about the same,

http://windowsxp.mvps.org/peboot.htm

The solution is simple:
vi /etc/hosts
add:
127.0.0.1 ad.doubleclick.net
...
etc.

Even easier, as I thankfully learned from Slashdot a long time ago, this downloadable MVPS hosts file instantly prevents connecting to ads, spyware as well as other "parasites" and is constantly updated.

Since adopting it, I no longer wait for ad servers and a side benefit is not even being exposed to the ads!

I personally use adblock in addition to the hosts file from http://www.mvps.org/winhelp2002/hosts2.htm It just redirects known bad/ad domains to loopback. Some affiliate sites (like bing cashback) are affected, but its easy to find them and comment out those entries. Quite often Ill find an ad that adblock misses and it just loads up a blank window because it was blocked by the host file.

Use a HOSTS file that is reviewed by many people sharing the objective of ridding themselves of malware, and boom, there goes the $$$ spent on that new domain. http://www.mvps.org/winhelp2002/hosts.htm

I use the hosts file found at http://www.mvps.org/winhelp2002/hosts.htm

Its like an adblock for your whole system, works with every browser and to top it off it ads a little nastyware protection (not quite as useful under Linux but the ad removal still works)

I rarely see an ad and when I do thats when I know its time to update that file.

I should probably make the disclaimer that I am an Opera user with a side of Firefox.

Exactly. I don't run an anti-virus programs either at home, and I think the last virus I got was in 2000. I tried WinClam, or ClamWin or w{ever}tf it is called recently just to verify everything was OK.

If I do download a program, I try to find an open source version first, or failing that, look at it in hexdump to see if it looks suspicious.

I would say the main reason is that web browsing is safer these days.
i.e.
adblock, noscript, and good 'ol host blocking from http://www.mvps.org/winhelp2002/hosts.htm

All I ever really use from Spybot anymore are the immunization tools. Since it can immunize almost everything it can detect, then running a scan is almost pointless if you set it up right to begin with. First swap hosts file for the one at http://www.mvps.org/winhelp2002/hosts.htm then run immunization. Sitting behind OpenDNS and that blocks almost all bad addresses/links without any additional processes on your system.

I've never used malwarebytes, but Im gonna download now and look it over.

You linked to Steve Gibson's site instead of the MVPs site! Why would you do that? His revision is from 6/14/2006.
http://www.mvps.org/winhelp2002/hosts.txt

Maybe you are using Host file ?

http://windowsxp.mvps.org/RedirectFolders.htm

I like this for ad blocking, no software to run and it works great. http://www.mvps.org/winhelp2002/hosts.htm The hosts file they have is amazing in the amount of crap it filters and by crap I do not just mean advertisements also it blocks out real garbage. Its even worth the effort of forcing it down vista's throat.

So ... you want Opera to include in their main browser a feature that you know is an optional 3rd party plug-in in for Firefox?

Have you considered why Adblock might be a 3rd party plug-in? Apart from the "barebones" bit. Could it be because the first sign that Mozilla is actively including a list of ads to block, they will be sued into the ground in the US and other places for interfering with other people's income? And while they might win such a lawsuit, don't they have better ways to spend their money?

And if they were to lose such a lawsuit, Mozilla might get off somewhat easy, as they are a non-profit organization. Opera on the other hand isn't.

Now, is it possible to make a third party addition to Opera that shares adsites to block? Certainly. I'm willing to bet that it's also possible to use the same lists that Adblock uses. To make things easy to start with, it could use mvps' list as a starter.

And, if you really want to be pedantic, there's always the option of using Google to find what you're looking for. There seems to be quite few attempts at recreating Adblock:
Tamil's My.Opera blog
OperaWiki.info has some suggestions
Lex1's blog on My.Opera also has some ideas

There's even a Flashblock for Opera

Basically it boils down to the same complaints you hear about Linux from people who are used to Windows: "but I need $program, and I don't want to look for replacements".

Now, what is the best option for you? I have the faintest idea. I'm quite satisfied with the built in filtering as it is. If I go to a site that has some annoying banners, it rarely takes me more than 30 seconds to block them, and I can live with that.

Is it as effective as Adblock? No clue - I don't use Adblock or Firefox if I can avoid it. It lacks the basic things that I love in Opera. Funny how that works out - one man's must have item is another man's "meh".

And if you want to be really pedantic, the one thing that Firefox still kind of needs is a built in ad blocker that's as good as Adblock.

i run a p3 700mhz,512mb ram box with dnsmasq and a proper hosts file on said server. I have a comcast connection, but i believe comcast isn't filtering nx records in florida yet?

...STOP ABUSING the hosts file like a clueless idiot! Seriously, 14MB of plain text that needs to be parsed for every lookup? That's the most retarded thing I've ever seen.

Mine is only 216k and comes from here.

At those proportions, there are WAY more efficient methods...

I use a custom /etc/hosts to block ads. I don't need to block them all, I'm happy with /etc/hosts blocking most. I don't know what happens when a hosts file gets as huge as the GP is describing but on a modern multi-gigahertz machine, my file gets parsed basically instantly. And, in fact, it actually worked just fine on my 800 MHz G3 iBook six years ago. So basically, for any modern computer, it has zero visible impact. And even if it took, say, a second to parse, that would be more than offset by the MANY seconds saved by not downloading and rendering ads.

...if you know that domain evil.invalid is hostile, you can't afford to miss some hosts below it. Otherwise, what's the point?

I agree that it's not perfect, but it's not like I run around engaging in any risky behavior just because I have a custom /etc/hosts file. Something is better than nothing. You're making two things black and white. LOTS of things aren't perfect--that doesn't mean they're completely worthless. Your car isn't as safe as a tank, so why bother driving at all, right?

And anyways, diverting traffic to 127.0.0.1 or 0.0.0.0 is changing semantics in so many ways. Suppose you start running a local HTTP server for testing purposes and all that traffic is suddenly hitting it. It's just wrong.

Well, first of all, I don't care about being theoretically "wrong" if the actual, real-life result is "just fine." I have noticed NO ill effects from running a custom /etc/hosts file for the last several years. And as a matter of fact I DO run http servers on my computers and I've never had an /etc/hosts-related problem. (The only thing I could see that might cause an issue would be logging, but that's easy enough to fix in httpd.conf.) In fact, it's better than fine. I've got a custom 404 page which says "Another blocked ad!" so I get a little happy reminder every time I see it in an iframe instead of an ad. And, if I ever get around to it, I'll make that page a PHP script that asks "Do you want to unblock this page?" because my wife occasionally hits it when she clicks on a Google ad, or you run into occasional dumbness like if you go to wellsfargo.com and click on "Sign up now" in the left column the link goes to https://adfarm.mediaplex.com/ad/ck/6878-38920-3408-45 -- wtf?!?!?

"Blocking" hosts by listing them in the hosts file is an evil evil evil ugly hack conceived by clueless idiots that can't manage to run a local proxy where you could block domains with simple regular expressions and only for protocols which need them blocked. Or running a local DNS cache where you could blacklist domains so you get a semantically correct (for your purpose) NXDOMAIN error.

Yeah, but it works. And it's easier than installing and maintaining yet more software. (I've tried a couple proxies in the past and both were non-trivial to get working.) And regarding this: "Or running a local DNS cache where you could blacklist domains"--didn't you just say "you should instantly realize that security doesn't work with blacklists"?

All I know is that whenever I go to another computer and get swamped by ads, I'm reminded of how great my little system is.

One more thing: if all you want to do is block an ad or a software update or a validity check, WHO GIVES A FUCK if you get a "semantically correct NXDOMAIN error"?!?!?!? I don't lie awake at night wo

It isn't the default, but you can configure Opera to allow you to close all tabs. When you close the last one, it goes away, and you have no tabs until you create a new one. It's a perfectly logical way to work that I haven't seen any other web browser copy yet.

I've been using Opera for ages, and I find it humorous how everyone gets excited about new browser features when I've had them for quite some time.

I don't recall when Opera first included tabs, but it was ages before any other web browser. It's particularly funny how everyone was excited that Chrome put the tab bar above the address bar, so that the address bar is effectively a part of that tab, when it was that way in Opera since the very beginning and it always annoys the fuck out of me that it doesn't work that way in other web browsers.

Now I hear a lot of stuff about AdBlock and NoScript for Firefox. With Opera you can go to any web site and Right Click->Edit Site Options where you can block any page content you don't like, or disable javascript or java or plugins in general for that web site. There are also easily accessible toggles for javascript/java/plugins under Tools->Quick Preferences. There's no general ad-blocking that I'm aware of, but I haven't looked into it since I always use the winhelp2002 hosts file and so I don't see ads anyway.

http://www.mvps.org/winhelp2002/hosts.htm

That isn't to say it's without its problems. One annoying as fuck thing about it is that it's far too happy to send clipboard contents to Google. Middle-clicking anywhere in the Opera window takes the clipboard contents and, if they aren't a valid URL, sends them off to Google or some other search engine as a search query. It's a hell of a privacy problem if you ask me. I sent them a bug report about it, suggesting that they change it so that it only does that when you middle-click the new page button or perhaps the tab bar, but I suspect they don't give a fuck.

Which isn't a surprise, no one gives a fuck what I think. I also sent a suggestion that HTTP uploads come with some sort of progress indication, so that users aren't confused into thinking that the page load has failed when five minutes later after clicking "upload" nothing has happened. It makes perfect sense to me. We've had download progress indicators for ages, it's about time we have upload progress indication as well, and having web browsers provide this information is a lot cleaner than the hacks that web sites are forced to use to avoid the confusion of their users.

Come to think of it, I also sent in a bug report about the fact that HTTP uploads fail if the file name contains apostrophes since they aren't properly escaped in the mime content, nor are long file names properly split over multiple lines. Of course, every web browser I could get my hands on suffered from the exact same problems, but Opera's fail was particularly humorous since, instead of uploading the file, it uploaded half a dozen copies of it's "file not found" HTML page that it displays locally when it can't find a local file typed into the URL box. All of the other web browers simply choked and failed to upload anything.

It is a wonderful browser, however. For everything I hate about it I hate a lot more about others. Konqueror is damn-near a winner, though. The only thing that turns me away from it is that, like all KDE applications, it features "single click menus" which means that if you right click, the menu appears before you release the button, so that you can move the mouse over the item you want and select it by releasing the button. For compatibility, you can also just release the button, move the mouse, and click what you want. The problem comes when, in the process of clicking the button and releasing it, you happen to move it just one pixel down and to the right, so that it's now on the fucking menu, and you accidentally select whatever the fuck is first on the menu. I searched for a solution, in

The change of the user interface in Office 2007 is one huge hidden cost. It was done to make things "easier" with the result that old users instead have to re-learn the user interface completely and have a really hard time to do even the things that were simple before.

What I find interesting is that Microsoft's TCO claims depend on retraining costs, yet they seem to put the retraining cost for Office 2007 at zero.

You can't switch to OpenOffice because it will be so expensive to retrain your users, but you can switch to Office 2007 with low TCO?

And in line with the subject of this discussion, does Word 2007 still eat large documents the way earlier versions of Word used to? One of the major advantages touted for OpenOffice is "it doesn't eat your files." As a specific example, the master document feature is not recommended.

Get this, http://www.mvps.org/winhelp2002/hosts.htm don't forget to go Start->Run->services.msc -> shut off dns client.

The only ads you'll see are the ones served from the site you're on. Helps protect against phishing sites too.

That, and my GOD he's got a lot of porn!

Seriously, though, I agree with the parent. /etc/hosts ftw!

If you want to get rid of most malware issues setup the host file to block malicious hosts and add servers on the net. This works very well for me along with using clamwinav on the xp boxes. I also make sure that spybot is installed as well. All 3 work great together. You can get the modified host file here http://www.mvps.org/winhelp2002/hosts.zip

Hmmm...that's odd...my sister demands that I install host block on any computer I set up for her.

Odd indeed.

This is my favourite piece of sanity: http://www.mvps.org/winhelp2002/hosts.htm One hosts file, one reboot, no more problems anywhere. Shit google ads don't even work. They may show up, but you can't click em. I just got tired of waiting for shit ads to load. I never clicked em, so I'm actually saving the sites money by not having to serve me an ad I'll never click. This also stops tons of phishing sites and other malware. I can even use ie and opera and don't see ads.

Gah. People who ask "does it work with AdBlock?" in every single thread about any browser other than Firefox (and asking rhetorically, rather than doing two seconds of research and posting an honest "Hey, I checked, and it doesn't work with AdBlock") are getting to be just like area men who constantly mention that they don't own televisions.

Area resident Jonathan Green does not own a television, a fact he repeatedly points out to friends, family, and coworkers... According to Melinda Elkins, a coworker of Green's at The Frame Job, a Chapel Hill picture-frame shop, Green steers the conversation toward television whenever possible, just so he can mention not owning one.
 
Elkins said Green always makes sure to read the copies of Entertainment Weekly and People lying around the shop's break room, "just so he can point out all the stars and shows he's never heard of."
 
"Last week, in one of the magazines, there was a picture of Calista Flockhart," Elkins said, "and Jonathan announced, 'I have absolutely no idea who this woman is. Calista who? Am I supposed to have heard of her? I'm sorry, but I haven't.'"

FFS, AdBlock is not the only solution to annoying ads. I spend 99% of my time in Safari on OS X because I like it a whole lot more than Firefox (for various reasons I won't bother going into here) and the combination of a custom /etc/hosts file and a flash blocker (can't find it right now... one was released, then discontinued, and now there's another, I forget the name, but I've got it at home; only works in 10.5; there seem to be several non-free solutions) make the Web pretty tolerable. (Plus that particular /etc/hosts file blocks many spyware and malware sites, so it's great to have on Windows--security in layers, and all that--and it works for all browsers on the system, with no additional configuration needed at all .)

That said, as excited as I was when Chrome came out, the fact that Safari got pretty good, pretty fast (version 4) makes me not even worry that Chrome may never make it to the Mac. Every once in a while, competition really works. :-)

Then we'll need another newer tag.

Two words: /etc/hosts

I have never run AdBlock on any system (98% of my browsing is Safari on OS X) and I still see very few ads. Is it as good as AdBlock, or as easily configurable? Maybe not, and no. Does it do a pretty awesome job, with every browser on the system, with nearly no configuration EVER needed, and no per-browser setup required? Yes. And also block lots of spyware and adware? Yes.

Actually, something like that exists for Linux and any OS that uses DNS - check out OpenDNS.

http://www.opendns.com/

You can configure what levels of filters to use and even customize the page that opendns supplies when a forbidden link is clicked.

They are also working to block some of the botnet phone homes.

All you need to do is use their name servers. You can set up an account and configure what gets blocked and what doesn't.

Also check out an enhanced hosts file at http://www.mvps.org/winhelp2002/hosts.htm.

That will block a lot of requests from ever leaving the computer. You can also add in whatever others you want as well.

This code, executed on a dd-wrt router, will give all your clients 30 seconds of nothing during commercials when watching Hulu videos. It will block most other browser ads also but what the hell... Works really well with Slashdot.

Just add it to your startup section and enjoy a nearly ad-free internet.

----
logger WAN UP Script Executing
sleep 5
test -s /tmp/dlhosts
if [ $? == 1 ] ; then
echo -e "#!/bin/sh\nwget -O - http://www.mvps.org/winhelp2002/hosts.txt | grep 127.0.0.1 | tr -d '\015\032' | sed -e '2,\$s/127.0.0.1/0.0.0.0/g' -e 's/[[:space:]]*#.*$//' -e '2,\$s/0.0.0.0 localhost$/127.0.0.1 localhost/g' -e '2,\$s/0.0.0.0 pagead.*.googlesyndication.com//g' | grep 0.0 > /tmp/hosts\nlogger DOWNLOADED http://www.mvps.org/winhelp2002/hosts.txt\nkillall -1 dnsmasq" > /tmp/dlhosts
chmod 777 /tmp/dlhosts /tmp/dlhosts
fi
ln -s /tmp/hosts /etc/hosts
echo "45 23 * * 5 root /tmp/dlhosts" >> /tmp/crontab
-----