Blocking spyware, adware and adverts OOB

[maxamoto]

All,

Here is a nifty trick to keep the 'Net bugs at bay. You can avoid most advertisements, spyware packages, popups and other nasties by editing your HOSTS file. Even better, you can import one during your unattended installs by adding a preconfigured HOSTS file. Simply go to This site and download the HOSTS file in zipped form. Then, in your XPCD (or whatever you call it) folder add the unzipped HOSTS file to the \$OEM$\$$\System32\DRIVERS\ETC\ folder. You can test it now by overwriting the original HOSTS file in SYSTEM32\DRIVERS\ETC\ on your current machine with the one you downloaded and navigate to Wired's webpage. You should see a "Page cannot be displayed" error where the advertisement usually sits at the top. Note that you might have to defeat whatever anti-spyware you run in order to do this, since it might be protecting your current HOSTS file. Anyway, the file on mvps.org is constantly being updated, and it's worth checking out in my opinion. Cheers!

NOTE: Edited post to reflect correct folder path to place updated HOSTS file.

Edited July 14, 2005 by maxamoto

[Delprat]

There is a default HOSTS file provided with Windows, so it's better to CAB your own one, and to replace the "HOSTS._" file in the I386 folder...

And also :

-> by running a webserver on your computer, you can display something that is better-looking than the default "404"

-> the "HOSTS protection" can be bypassed by any web-proxy (as anonimizer.com), so it's mandatory to filter them too

bye

Edited July 14, 2005 by Delprat

[Achdine]

The HOSTS file is what your browser checks to get address info website content (if the URL isn't found, then it checks the DNS). You can block ads by telling it to look for data from ad servers at the 127.0.0.1 address, which is your own computer, instead of at their websites. Be careful with this method though, it has several downsides.

First and foremost, it can block needed content if you aren't careful about what you choose to block. If it blocks something you need, the only way around it is to swap out Hosts files, which is a big hassle and usually involves rebooting, or at least restarting your browser. Also, it can only block entire sites (no wildcards or expressions), which means that if an ad is hosted on the wanted webpage you can't remove it.

The HOSTS file method can also be pretty slow, if you made a lot of additions. Your browser will chug away trying to find the data at the loopback address, and obviously won't, plus it has to search through a large text file. Some browsers will pop up an error if they can't find the data.

There is also a security risk. Someone can slip in a different IP address instead of the local one, and your information will be sent to them. Make sure all lines begin with 127.0.0.1 (or 0.0.0.0), and get the files from a website you trust.

Lastly, it's pretty ugly. You get an error message where the ad was supposed to be.

A far better solution is to use a browser like Firefox with the Adblock extension (I prefer a combo of Adblock Plus myself, which allows whitelisting, and CustomizeGoogle which can remove the Google ads). This way you can use RegExp, it's easy to edit what's blocked and to turn off blocking, it reforms the page to hide the ad's spot, and there is no security risk.

[maxamoto]

Ugh, I hate Firefox. It's just as broken, bloated and insecure as IE. Why install something that's busted when you already have something that's busted that does all the same things? Anyway...

As long as you start and stop the DNS service (or just disable it. You don't need it unless you're joined to a domain), you will not "chug along" as you put it. I suppose I could have added that, but I'm sure people will reboot at some point and render this a moot issue. Not to mention the fact that "chug away" means an almost instant lookup failure once the browser realizes there is no web server running on the local host (unless you have one), so again, moot...

Ugly? Yes, but so are ads, popups, trojans, phishing attacks and all the other cr@p out there. Take your pick, I guess...

When you say your information, what do you mean? The contents of the C drive? Whatever was in the form you were filling out at that particular moment? You're going to have to be a bit more specific than "your information". Also, how exactly would someone "slip in" another IP? I assume you mean by hacking your computer, but then all your information are belong to us, as they say...

Methinks you need to learn a little bit more about how things work before hitting the reply button

[Achdine]

  Ugh, I hate Firefox. It's just as broken, bloated and insecure as IE. Why install something that's busted when you already have something that's busted that does all the same things? Anyway...

Secunia also says IE is affected by 20/83 unpatched vunerabilities, at least one of which is highly critical, while Firefox is affected by 3/21 unpatched, the highest of which is "less critical." Opera has 0/5 unpatched (way to go Opera!). You can think about any adblocking program/browser for this discussion, though.

Here's an interesting article at CNET written by a senior editor earlier this year. In the article he specifically states,

[...] long lists within your hosts file often slow your computer's access to the Internet.

I agree with him. Your computer will have to repeatedly search that gigantic HOSTS file whenever you browse, and it will be huge if you expect it to do anything; it doesn't support expressions, so you will have to explicitly list every site to be blocked.

Ugly? Yes, but so are ads, popups, trojans, phishing attacks and all the other cr@p out there.

It doesn't block popups, and *gasp* there are ways to remove these things without making it ugly.

When you say your information, what do you mean?

If the HOSTS file that you downloaded from some random website contains a line which, instead of using the loopback address uses a seperate address, they could easily spoof the website you are attempting to access. For example, someone could use the HOSTS file to redirect your PayPal sign-in page to their webpage, which contains a similar login. You try to login, they get your password. Uh-oh. And with HOSTS files so large, it can be difficult to check all the entries for something like this. That is what I meant by "slip in."

Methinks you need to learn a little bit more about how things work before hitting the reply button

Please do a little more research before you begin to make petty insults. I checked out your findings, do me the decency of investigating mine.

When there are so many good ad/popup/spam/virus blockers out there, I just don't see a need for this method.

And lastly,

but then all your information are belong to us

This joke is officially five years old. It's not funny any more. For God's sake man, let it die.

[maxamoto]

Here's an interesting article at CNET written by a senior editor earlier this year...

Cnet?? Are you kidding me? That's your source? Sorry, but a senior of a tech magazine is going to write about anything to save his job, especially when it deals with older technology like the HOSTS file. It's safe filler for the mindless AOL pukes.

It doesn't block popups, and *gasp* there are ways to remove these things without making it ugly.

Actually, it does block popups. If a popup spawns from a domain that's pointed at 127.0.0.1, what do you think happens? Use a flowchart if you need to. Did you actually test my method, or did you just try and debunk it based on what the "senior editor" of a tech mag said?

If the HOSTS file that you downloaded from some random website contains a line which, instead of using the loopback address uses a seperate address, they could easily spoof the website you are attempting to access.

One would need to be incredibly retarded to fall for this. The link I gave in my original post is a safe file. Did you check it out, or did you just jump in keyboards-a-blazin'?

Please do a little more research before you begin to make petty insults.  I checked out your findings, do me the decency of investigating mine.

No petty insults here. A petty insult would have been "you're a moron who obviously doesn't know anything about how the Internet works and just likes to jump on whatever bandwagon the Cnet editors are on this week". Since I wouldn't ever say anything like that, I simply addressed what I though were deficiencies in your logic. Sorry if you were offended by that.

When there are so many good ad/popup/spam/virus blockers out there, I just don't see a need for this method.

To each their own. I'm suggesting an alternative way to stop the cr@p before it ever hits your popup blocker / spyware killer. If you don't agree, that's fine with me, but don't go posting your opinions disguised as fact. You'll get called out and end up looking real stupid. Especially if you're quoting some moron from Cnet...

This joke is officially five years old.  It's not funny any more.  For God's sake man, let it die.

I don't care what anyone says. This will ALWAYS be funny to me =]

[MHz]

Tried firefox for a month, and was glad to uninstall it. Lots of invalid claims for a browser that has bugs, little support for numerous items. The extensions do not help with what is sacrificed by using it. Suggestions of using it, are of no help to anyone.

I stopped using a hosts file when it was getting to 3-5Mbs. It slows things down too much. I would rather see the ads, rather then wait longer, for the hosts file to be read, each time.

If you do use it. Keep to your own entries, and keep it small. You only need to block the sites, that hinder your own browsing habits.

An interesting program is Hostsman, that will help to easily manage the Hosts file.

edit: added hostsman reference.

Edited July 15, 2005 by MHz