BlockList (.reg) that contains 8000+ bad domains.

[stickzilla]

Hah, that's exactly what I was thinking about. I've used long hosts files in the past so this made me curious.

[RogueSpear]

Host file blocking is nice because it blocks all communications, not just Internet Explorer and not just http. It will literally block all communications to a given domain, except for direct IP, because of where hosts fits in the name resoltion scheme. I usually save host file blocking for only the most egregious of domains like readnotify.com, doubleclick, etc. And I've found hosts to be necessary in some corp environments where a proprietary application wants to use DNS, but the knuckleheads never bothered to set an A record for their server (don't get me started).

I've seen people put in the neighborhood of 6,000 entries in their host file and then it takes forever to boot, forever to browse, etc. They even have utilities specifically for host file management, the most prevelant being Hostess.

Another solution along these lines is a proxy, something like eDexter. It uses a file similar to hosts, but it allows for wildcards and some other neat tricks. If you spend the time devising a good configuration for it and a method to automatically deploy and activate it, it's really a nice little program. It's a freebie too.

[BoardBabe]

I havent noticed any slowdown using this file with the ActiveX file, together they add more than 10 000 reg entries. But I have however noticed that it's a whole lot safer using them....

Anyone able to test the performance with and without this file accuratly?

[RogueSpear]

I don't even think the restricted ActiveX entries would even come into play unless an ActiveX control is attempting to run. So for general browsing and so forth, that shouldn't make a difference. The restricted sites listing must exact some kind of hit since whenever you browse, even within the same domain, the browser needs to know what zone rules the particular page will adhere to. In my purely anectdotal observations, the performance penalty is next to nothing. I actually have client machines running XP SP2 on Celeron 400MHz CPU with 256MB of RAM and they browse just as quick as can be with all of these registry entries in place.

[BoardBabe]

I would indeed imagine that the reduction of performance is extremly minimal if any at all, and the benefit of having the domains blocked would excess the minimal performance reduction...

[r4v3n]

How is PeerGuardian(2) performing compared to this list? I guess PeerGuardian blocks all traffic just like hosts blocking and not only IE, but how is it performing?

[RogueSpear]

I haven't had much luck with PeerGuardian, though that's probably due to me more than the program. For a home user I like to use a little freebie called eDexter. It has not been updated in ages, but it really does the trick.

[ZenLord]

a little freebie called eDexter. It has not been updated in ages, but it really does the trick.

I was interested, and it seems the program is still updated, but hosted by Pyrenean.

Just to let you know. I'll stick with the reg-block-list!

Zl.

[RogueSpear]

I'll stick with the reg-block-list!

There's no reason to chose one over the other, especially when it comes to security. As someone once said to me (regarding security, not my trousers) "wear both your belt and suspenders"

[Powerhouse]

What's the difference between adding these in the Registry, vs getting a host file from Here?

I know that having a large Hosts file does cause some slowdowns on Windows XP and 2K, but I just follow that guide and do the following...

- Start | Run (type) "services.msc" (no quotes)

- Scroll down to "DNS Client", Right-click and select: Properties

- Click the drop-down arrow for "Startup type"

- Select: Manual, click Apply/Ok and restart.

I guess what I'm really after is, which is the more secure way to go? If they are both the same, I would tend to want to use the Registry entries (as long as there isn't any more of a slowdown than using the Hosts file).

[amit_talkin]

Hey..nice work!!

[BoardBabe]

Powerhouse; I find my blocklist better as you can in most cases view the webpage but it is still secured and the system slowdown is non-existant or minimal (compared to hostfile). Also with my file try enter a website like www.astalavista.com, a site which would normally have alot of popups, coockies etc... You can view the page fine, but no popups or coockies are sent... (note that the particlar domain you are entering are not in the blocklist, although the poup ad and coockies domains are).

I find using the blocklist extremly convenient, as its a fast way to secure your system without stealing resources, and even with no antispyware installed you will have a pretty nice basic security while browsing.

amit_talkin: Thank you!

[MAVERICKS CHOICE]

@Boardbabe

Excellent work.

Cheers

MC.

[BoardBabe]

Thank you MAVERICKS CHOICE

[RogueSpear]

I've discovered something rather interesting and I'm surprised I never did notice this previously. I have always integrated blocking lists within my switchless silent installer and .msi file installer of SpywareBlaster. I always figured you may as well apply all this stuff while installing that (during svcpack.inf). Well I tried to incorporate this domain blocking list into the installer and then I did some checking after. It seems that the ActiveX and Cookie blocking entries take just fine, but for some reason the domain blocking entries do not. They are actually placed into the HKCU hive of the Default User account. I triple checked my InstallShield project files and sure enough they're defined as HKLM. None of this is really of consequence to the list, I just though some might be interested in knowing in case they were thinking of another method to integrate it.

So I stick with integration from cmdlines.txt for this list.