Jump to content


Photo

Best Hosts file to prevent spyware/malware?


  • Please log in to reply
4 replies to this topic

#1 auctionhugh

auctionhugh

    Member

  • Full Member
  • Pip
  • 13 posts

Posted 21 July 2004 - 07:55 AM

I want to add a hosts file to our company's DNS server. I believe this will block sites for all our users! My goals for this file are as follows:

1. Will block all current sites that malware/spyware/adware is automatically downloaded from and installed onto surfer's computers.

2. Will not interfere with regular surfing

3. Is kept up to date as new malware/spyware/adware is released.

So here is the problem: There are many decent hosts files out there but they interfere with normal internet usage by blocking things like commission-junction, etc. CJ and the like are needed for sites like techbargains which use that to do redirects when you click on a "hot deal" on their site. I don't care about our users' surfing getting "tracked" but I do not want 404 pages to come up due to hosts file blocking in regular usage. I don't care about blocking ads in general, because our high speed internet access makes it pretty unnecessary.

Is there a maintained hosts file out there that anyone knows of that blocks only malware/spyware/adware but not other stuff?

Thanks!
Hugh

----
Click to visit Kallen Web Design
Posted Image

#2 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,317 posts

Posted 21 July 2004 - 09:15 AM

See http://www.mvps.org/...p2002/hosts.htm and http://forums.spywar...showtopic=14844

You can of course edit if it blocks more than you want it to.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#3 auctionhugh

auctionhugh

    Member

  • Full Member
  • Pip
  • 13 posts

Posted 21 July 2004 - 09:39 AM

Thanks for your thoughts. The problems with "edit if it blocks more than you want" are:

1. It is hard to find out what commission tracking tools are used by the various websites.

2. Once you edit it, when you download an updated version of the hosts file, you have to edit it all over again. My experience is this is a real pain.



----
Click to visit Kallen Web Design
Posted Image

#4 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,317 posts

Posted 21 July 2004 - 10:21 AM

Actually I don't know why you would need to edit it. The hosts file redirects URLs back to 127.0.0.1, your own PC. You would never get a 404.

But there are approaches I prefer to hosts file -

SpywareBlaster protects against bad ActiveX.
http://www.javacools...areblaster.html

IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
https://netfiles.uiu...ww/resource.htm
Both are very small free programs that you run once, and then just occasionally to check for updates.

(I only use hosts file for resolving names when DNS not updated, or unavailable)..

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#5 auctionhugh

auctionhugh

    Member

  • Full Member
  • Pip
  • 13 posts

Posted 21 July 2004 - 01:27 PM

Excellent thoughts. Ok...

1. 404 might not be the right screen, but when I use a hosts file that eliminates commission links, and I click on a commission link, I get a dead link rather than the page it would have pointed me to. This is not practical in our business. I need those links to work.

In other words, I believe the mvps hosts file blocks the commission junction type links. Or for example "click.linksynergy.com" is one used by techbargains or slickdeals I believe. These are blocked by the mvps hosts not because of their redirects but because in some ways they track users. I can understand that, but I need these sites' links to work.

2. The sites in restricted zone is a great idea for one machine, but it is not practical for keeping up to date on 100 computers here. However the hosts file could sit only on our DNS machine (which our T1 flows through) and would block spyware for all our 100 computers! If I could get a hold of a hosts file that would not block valid links, this would be a really easy solution for us.

Thanks,
Hugh

----
Click to visit Kallen Web Design
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button