<<< B.I.S.S. HOSTS file Protection Guide >>>
###################################################################
Mirrorred at SpywareWarrior Forum :
http://www.spywarewarrior.com/viewtopic.php?t=3089
And at Gladiator Antivirus Security Forum:
http://gladiator-antivirus.com/forum/index...showtopic=21818
Bluetack HOSTS
- Information and Download -
http://bluetack.co.uk/hosts.html
http://www.bluetack.co.uk/forums/index.php?showforum=125
:: Bluetacks NEW Hosts File ::
http://www.bluetack.co.uk/forums/index.php?showtopic=8406
#####################################################
##############
Why should I use a HOSTS file?
The HOSTS file can help to prevent spyware / malware from making connections to and from your computer and also prevent your browser from accessing sites which serve advertising or collect marketing data on you.
By making good use of the HOSTS file, you will greatly improve your safety on the internet , saving your bandwidth and reducing the chances of being hijacked.
You can feel more comfortable knowing that you have increased your protection against rampant spyware & adware , while also reducing the amount of personal information that is being gathered about you from websites.
It's important to keep your HOSTS file updated like most other security tools , many of the HOSTS files listed on this page are updated regularly to keep up with the newer malicious sites discovered.
=======================================
What it does ...
QUOTE
The Hosts file contains the mappings of IP addresses to host names.
This file is loaded into memory at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS.
This prevents access to the listed sites by redirecting any connection attempts back to the local machine.
Another feature of the HOSTS file is it's ability to block other applications from connecting to the Internet, as long the the entry exists.
You can use a HOSTS file to block ads, banners, cookies, web bugs, and even most hijackers.
This is accomplished by blocking the Server that supplies these little gems.
Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing.
This also prevents the server from tracking your movements
This file is loaded into memory at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS.
This prevents access to the listed sites by redirecting any connection attempts back to the local machine.
Another feature of the HOSTS file is it's ability to block other applications from connecting to the Internet, as long the the entry exists.
You can use a HOSTS file to block ads, banners, cookies, web bugs, and even most hijackers.
This is accomplished by blocking the Server that supplies these little gems.
Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing.
This also prevents the server from tracking your movements
Blocking Unwanted Parasites with a HOSTS File -
Proudly now the #1 rated HOSTS file on the Internet!
http://www.mvps.org/winhelp2002/hosts.htm
=======================================
How do I install this HOSTS file?
Simply download the file and put it in the following location depending on your Operating System:
Windows XP C:>WINDOWS>SYSTEM32>DRIVERS>ETC
Windows 2K C:>WINNT>SYSTEM32>DRIVERS>ETC
Windows 98/ME C:>WINDOWS
The Hosts file must have no extension to work properly , no .txt .doc. etc , it should just be labelled Hosts
Please read this great post by Blackspear at Wilders Security Forums , for an extremely well detailed guide to installing a Hosts file [ with pictures
] <> http://www.wilderssecurity.com/showthread.php?t=78363 <>
=======================================
Just in case your wondering : You cannot block IP addresses in a HOST file , only the hostname.
Example:
YES: fedora.nictechnetworks.com
NO: 69.20.16.183
Entries in the Hosts file must begin with localhost address 127.0.0.1 [ or another null address to resolve the unwanted hostnames to ]
127.0.0.1 fedora.nictechnetworks.com
While you cannot use IP addresses to block connections with a Hosts file you can use an IP address in a Hosts file to "override" the DNS resolution of a hostname.
One commonly seen and totally safe entry for TDS-3 [ Trojan Defence Suite ] users is the IP for Diamondcs.com.au to redirect users from their old forum to the new sites IP address , which can be accessed using a hotkey setup inside TDS-3.
203.161.127.141 www.dcsresearch.com
64.91.255.87 www.dcsresearch.com
Hijackers can also make use of this however, often hijacking the hosts file to allow redirection of search engines or well known security sites to the IP address of the hijackers site instead. Usually to keep their victims from seeking any help.
Hijack redirection example:
69.20.16.183 search.netscape.com
69.20.16.183 ieautosearch
66.79.171.75 www.google.com
66.79.171.75 www.yahoo.com
66.79.171.75 www.altavista.com
Hijack security site prevention example:
These entries below will prevent a computer from accessing any of the security sites for help.
127.0.0.1 www.kaspersky.com
127.0.0.1 www.f-secure.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 liveupdate.symantecliveupdate.com
127.0.0.1 www.mcafee.com
127.0.0.1 mcafee.com
127.0.0.1 viruslist.com
CWS trojans and other hijackers can easily change the read only settings of Hosts files to allow them to overwrite the Hostfile entries.
A good example is the recent SpySherrif / SpywareNo Hijacker in this thread
http://www.bluetack.co.uk/forums/index.php?showtopic=9994
It not only took out my locked Hosts file , but the trojans that accompanied the hijack also disabled the windows taskmanager and many of my security programs as well..
You cannot be too protected in my opinion , the more layers of security you have set up the better.
A well maintained/updated Hosts file will stop most if not all of the known threats from getting into your system , the unknown threats will need to be handled by the next layer of protection.
=======================================
NOTE: Extremely large Hosts files may slow down browsing in windows 2000 / XP , it is advised to switch the DNS Client service in services.msc to manual or disabled.
Go to start-> run-> [ type in] Services.msc
Scroll down to DNS Client and select the option to set it to disable/manual.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Excellent HOSTS File Guides / Information :
http://www.spywarewarrior.com/viewtopic.php?t=410
http://www.bleepingcomputer.com/forums/ind...showtutorial=51
http://www.accs-net.com/hosts/index.html
##############################
Recommended HOST file downloads:
##############################
MVPS HOSTS file:
http://www.mvps.org/winhelp2002/hosts.htm
Great HOSTS file information site -
http://www.accs-net.com/hosts/index.html
HOSTS File / ADSERVERS Lists -
http://pgl.yoyo.org/adservers/
hostsfile.mine.nu
http://hostsfile.mine.nu/downloads/
XenHosts V1.1
http://www.x9000.net/
=======================================
The ULTIMATE ADBLOCKING / HOSTS File Resource Page
Great compilation of Hosts file and adblocking alternatives by security expert Eric L Howes:
http://www.spywarewarrior.com/uiuc/soft8a.htm#HOSTS
===============================================
- Recommended HOSTS file management tools -
===============================================
- Bluetack Hosts Manager - By our awesome Admin Kimberly -
:: Download ::
http://www.bluetack.co.uk/modules.php?name...nload&cid=7
:: Information ::
http://www.bluetack.co.uk/forums/index.php?showtopic=9240
---------------------------------------------------------------------------
:: B.I.S.S. HOSTS Switch ::
http://www.bluetack.co.uk/forums/index.php?showtopic=13516
Instead of having the Bluetack's Hosts Manager open to disable / enable your hosts file, we've decided to offer you an Add-On : Bluetack's Hosts Switch
It loads a small application which shows if your Hosts file is readable and it allows you to quickly enable / disable the Hosts file.
If you are using Internet Explorer, you can add a toolbutton to the default Toolbar to launch the program very quickly. You can set it to load at Windows boot - Normal or in the Tray ...
B.I.S.S. Hosts Manager 1.7 is recommended to access the full features of the add-on. If you already have B.I.S.S. Hosts Manager 1.7 installed, you don't need to download this Add-On separately, it's included from the 1.7 version.
Select Custom Setup if you want to change the default install folder. If B.I.S.S. Hosts Manager is installed, it's recommended that you install this Add-On in the same folder.
Want easy access while browsing ? Add a button to your IE ToolBar .... it will open up the program when you click on it.
This feature only works with Internet Explorer.
When you check the option in the program, start a new Internet Explorer instance afterwards. If the button does not show up on the toolbar, you might need to go to View | Toolbars | Customize and move the Hosts Switch button from "Available toolbar buttons" to "Current toolbar buttons".
-----------------------------------------------------------
- HOSTER by Toadbee
.. [Admin @ Gladiator Anti-virus Security Forum] ..
>> Download Link <<
http://www.funkytoad.com/download/hoster.zip
More information / screenshots / discussion in Bluetack members security tools section:
http://www.bluetack.co.uk/forums/index.php?showtopic=2838
-------------------------------------------------
- Hostess -
http://accs-net.com/hostess/
HOSTS file manager with Hosts Toggle integrated
QUOTE
The Hostess program has been designed to help you easily maintain your Hosts file for the purpose of blocking servers rather than for its original purpose of quicker DNS lookups. It stores the hostnames in an indexed database, eliminating duplicates and placing hosts into logical groups that can be ordered for efficiency. Hostess has powerful import, export and search features. It can even create a registry file for adding domains to the Internet Explorer Restricted Zone.
Hostess will warn you if you already have the same entry in your Hosts file so you can avoid duplicates.
-------------------------------------------------
Another great Hosts file application by Toadbee :
Homer v1.0 - ß1
QUOTE
Homer v1.0 - ß1
What is Homer?
Homer is a Localhost webserver.
Homer listens to IP 127.0.0.1 for connections on port 80 - Logs requests, and serves up a picture of your choosing.
Huh?
If you use an Ad-Blocking HOSTS file - Such as HPGuru’s or Bluetack’s - you may see alot of “cannot connect” type messages and missing graphics.
Running Homer will change that by serving an image of your choice. Doing so will make pages load faster as a consequence.
What is Homer?
Homer is a Localhost webserver.
Homer listens to IP 127.0.0.1 for connections on port 80 - Logs requests, and serves up a picture of your choosing.
Huh?
If you use an Ad-Blocking HOSTS file - Such as HPGuru’s or Bluetack’s - you may see alot of “cannot connect” type messages and missing graphics.
Running Homer will change that by serving an image of your choice. Doing so will make pages load faster as a consequence.
See here for full details:
http://babbling.funkytoad.com/
-------------------------------------------------
- Hosts Toggle -
http://accs-net.com/hosts/HostsToggle/
QUOTE
Switch on / off HOSTS file blocking with a click of a button
-------------------------------------------------
- Aldos Hosts Manager -
http://www.aldostools.com/hosts.html
QUOTE
Merge hosts / remove duplicates
===============
=============
Other handy tools:
=============
===============
- FastNet99 -
QUOTE
FastNet99 is a network utility that will speed up your web browser every time you want to connect to a web site on the Internet, by avoiding time consuming DNS lookups. It provides all the tools you need to help diagnose network problems and get information about users, hosts and networks on the Internet or on your Intranet. It combines DNS Lookup, Ping, TraceRoute, WhoIs, Finger, Time Synchronizer, KeepAlive and more...
http://w3.quipo.it/gcriaco/
-------------------------------------------------
- NS-Batch -
QUOTE
JIM PRICE created this utility to allow host name lookups of lots of IP addresses.
It also lets you interactively look up host name from IP addresses or IP addresses from hostnames.
Just feed it a file with IP addresses in it (of the format 127.0.0.1), and it will dig out the addresses,
look up the hostnames, and create a text file containing:
1) the IP address in hex (useful for sorting)
2) the IP address in dotted-octet format (i.e., 207.43.183.2)
3) the corresponding hostname, (i.e., www.jimprice.com) and
4) the hostname reversed (i.e. com.jimprice.www)
5) additional status information about the lookup (whether or not it worked)
You can then import the text file into your favorite word processor, spreadsheet, or other program, and sort it by IP address or other fields. Also, the program now includes features to probe a subnet (listing all the computers on a given network), and to display your local host's IP address, as well as some amount of flexibility in the output format
It also lets you interactively look up host name from IP addresses or IP addresses from hostnames.
Just feed it a file with IP addresses in it (of the format 127.0.0.1), and it will dig out the addresses,
look up the hostnames, and create a text file containing:
1) the IP address in hex (useful for sorting)
2) the IP address in dotted-octet format (i.e., 207.43.183.2)
3) the corresponding hostname, (i.e., www.jimprice.com) and
4) the hostname reversed (i.e. com.jimprice.www)
5) additional status information about the lookup (whether or not it worked)
You can then import the text file into your favorite word processor, spreadsheet, or other program, and sort it by IP address or other fields. Also, the program now includes features to probe a subnet (listing all the computers on a given network), and to display your local host's IP address, as well as some amount of flexibility in the output format
- http://www.jimprice.com/jim-soft.htm#nsbatch
-------------------------------------------------
- Host File Reader -
QUOTE
HOSTS file reader should be avoided as it will destroy custom hosts file entries , and reduce large HOSTS file to 64k in size.
=============================
============================
:: IP ADDRESS GUIDES ::
============================
=============================
IP Addresses Explained -
http://www.bleepingcomputer.com/forums/ind...showtutorial=37
BLUETACK IP ADDRESS GUIDE
http://www.bluetack.co.uk/forums/index.php?showtopic=52
===========================
The ULTIMATE Network Resource Page -
http://www.spywarewarrior.com/uiuc/info19.htm
===========================
==========================
:: WHOIS LOOKUPS ::
==========================
===========================
http://ws.arin.net/cgi-bin/whois.pl
http://ripe.net/cgi-bin/search/gdquery.cgi?
http://www.apnic.net/apnic-bin/whois.pl
http://www.whois.sc/
http://www.dnsstuff.com/
http://www.samspade.org/
http://www.completewhois.com/
http://www.demon.net/external/
http://www.all-nettools.com/toolbox
http://www.dshield.org/ipinfo.php?ip=XXX.XXX.XXX.XXX
http://www.fixedorbit.com/search.htm
============================
===========================
:: IP INDEX SITES ::
===========================
============================
http://www.fixedorbit.com/welcome.htm
http://www.flumps.org/ip/index.html
http://www.sbslinks.com/Ipaddress.htm
############################################################