Print

[Ashen]

Last 10 Shouts: Ashen http://forums.guru3d.com/showthread.php?t=377992 Ashen http://outthere.keenspot.com/d/20081110.html Ashen http://oi50.tinypic.com/eisfic.jpg Ashen http://www.ea.com/news/simcity-update-straight-answers-from-lucy Ashen https://petitions.whitehouse.gov/petition/institute-industry-wide-return-policy-video-games-rely-remote-servers-and-drm-function-properly/nMy1wrtC Ashen http://i.imgur.com/roNfT.jpg Ashen http://i.imgur.com/roNfT.jpg Ashen http://www.techpowerup.com/forums/showthread.php?t=112556 Ashen http://www.bettercallsaul.com/ Ashen http://www.ebay.com/itm/New-5pc-TEC1-12706-Heatsink-Thermoelectric-Cooler-Cooling-Peltier-Plate-Module-/360542890811?pt=LH_DefaultDomain_0&hash=item53f207eb3b

Show 50 latest

[Darknova]

• Star Citizen by Darknova
  [May 06, 2013, 02:13:50 PM]
• AMD/AMD the new top choic... by vettexl
  [May 03, 2013, 04:38:24 PM]
• Guild Wars 2 by Seed
  [May 03, 2013, 04:17:35 PM]
• My new screwdriver set! by Ashen
  [April 10, 2013, 11:53:33 AM]
• Corsair Obsidian 650D by vettexl
  [April 06, 2013, 10:20:33 AM]
• Gave my case a new face l... by vettexl
  [April 04, 2013, 08:55:02 PM]
• Happy Easter by Ashen
  [March 31, 2013, 03:12:12 PM]
• ESO info by Darknova
  [March 29, 2013, 04:35:04 PM]
• Dedicated PhysX card by Ashen
  [March 12, 2013, 08:47:28 PM]
• Opinions on this card by Ashen
  [March 10, 2013, 09:19:24 PM]

Members

• Total Members: 285
• Latest: suquidkbn

Stats

• Total Posts: 18508
• Total Topics: 2572
• Online Today: 11
• Online Ever: 296
• (May 27, 2011, 01:50:04 AM)

Users Online

Users: 0
Guests: 10
Total: 10

[Ashen]

but apk your missing our point, one of your sorce(the one u mentioned) dosnt just block the offending url, but every url in the same domain, so say www.fish.techfiles.com is bad it will also block anything else in the .techfiles.com list including any usefull/safe sites.

and out of those 5500 you have added howmany are legit sites that have zero malware/adds on them? 

[APK]

but apk your missing our point, one of your sorce(the one u mentioned) dosnt just block the offending url, but every url in the same domain, so say www.fish.techfiles.com is bad it will also block anything else in the .techfiles.com list including any usefull/safe sites.

That's not true.

Blocking www.fish.techfiles.com will NOT block out the entire domain of

techfiles.com...

(Ash, the DOMAIN-to-SUBDOMAIN networking HOSTS name model works in REVERSE of that!)



www.fish.techfiles.com is a SUBDOMAIN of techfiles.com ...

Thus, I.E. -> www.fish.techfiles.com can't block-out ALL of techfiles.com & its OTHER Sub-DOMAINS, afaik, via an entry like:

0 www.techfiles.com

OR

0.0.0.0 www.techfiles.com

OR

127.0.0.1 www.techfiles.com

----

and out of those 5500 you have added howmany are legit sites that have zero malware/adds on them?

These are my sources for my daily security updates, they do the research:

Stopbadware.org (GOOGLE affiliate/partner in this)

SECURITY FOCUS (Symantec affiliate/partner/subdivision)

SpyBot "Search & Destroy" (Respected AntiSpyware program)

ZDNet Dancho Danchev (Security Researcher + Professional Consultant)

... I merely add it to my custom HOSTS file here for better security & absolutely up-to-date as possible security (because if you can't go into the kitchen, you can't get burned)

APK

P.S.=> You guys are missing the point here, from MY end, in regards to this HOSTS' file's current content:

... & that is that I "clean up" this file's interior vs. the AIRELLE "nanny approach" as you called it, & so far? It's working... I can't help if 2 guys don't use it here anymore is all. I know of 2 more here that do, NOT including myself.

E.G.-> You guys here found, what?? 62 domains thusfar to unblock, & my other folks helping me trim this in summation from 2 other places have found roughly 1,000 in combination with myself helping to do this as well... &, in that same timeframe, I've added ALMOST 5,500 KNOWN BAD SITES (vs. the ones found to be unblocked)

That's roughly a 5:1 ratio (of adding KNOWN BAD SITES vs. removing LEGIT GOOD SITES)... &, nearly 100:1 ratio, vs. what was found here on this site alone.

See, & I have stated this here before:

For a little while, it's going to be a "work-in-process", making the data solid (i.e.-> The HOSTS file content)...

Nothing I can do about that, but "grind it out" & be patient... & then, lastly, I will finish the FTP download portion of the app & distribute it! apk

[Ashen]

no u dont understand what i was saying apk, your sorce takes the "block them all" approch so they would block every url that was related to techfiles, like they had every sorce they could blocked from wordpress, many that where in no way harmfull/dangrous.

example (making up names)

fishman.wordpress.com has a gif thats detected as malware(positive or false positive) it gets blocked so their system is to block all *.wordpress.com entrys they can find so ashen.wordpress.com and wilee.wordpress.com and darknova.wordpress.com would all be added to the list dispite none of them having any malware or adds on them.

so your the one with things reverced, i know exectly how the hosts file works, you just dont understand/dont want to understand what im saying.

the fact that one of your sorces takes the scatter shot approch is why i get annoyed, they dont just block stuff thats malitious, they block everthing in the same domain range.

wordpress is a great example, i checked a bunch of the entrys that where blocked NONE WHERE BAD they where ALL SAFE yet the file had a stack of them in it........

need an app to let me put in wildcards like *.wordpress.com and have all those entrys removed at once and saved to a log, would speed things up drastickly since i could happly deal with a few adds if it ment i didnt have to edit the damn hosts file 20times a day to remove blocks so i can download software/drivers without spending alot of time looking for alt downloads.

Im not saying remove known bad url's but the best example is the ATI/AMD driver downloads that are blocked by this hosts file currently, that server may have hosted adds, of could even host them now, but unless they are malitous in some way, removing htem has no real down side as it allows people to download their drivers without spending alot of time editing a hosts file.

blah, im gonna watch a movie or something....

[Wile E]

Thanks!

----

If opening up notepad.exe to remove sites being blocked in a HOSTS file (1 line @ a time) is "too much" for anyone? Then, perhaps not using HOSTS files is the way to go for anyone of that nature really... just like I said to Ashen up above, as did JDW pretty much as well.

----

Suit yourself - I realized 1 thing in this art & science, long ago (in the mid 1990's-2002 or so, during my shareware-freeware development highpoint really): That is that you CANNOT please everyone...

Like I said above in this & other threads earlier:  I can lead a horse to water - but, I cannot MAKE him drink it...

APK

P.S.=> You guys are missing the point here, from MY end, in regards to this HOSTS' file's current content:

... & that is that I "clean up" this file's interior vs. the AIRELLE "nanny approach" as you called it, & so far? It's working... I can't help if 2 guys don't use it here anymore is all. I know of 2 more here that do, NOT including myself.

E.G.-> You guys here found, what?? 62 domains thusfar to unblock, & my other folks helping me trim this in summation from 2 other places have found roughly 1,000 in combination with myself helping to do this as well... &, in that same timeframe, I've added ALMOST 5,500 KNOWN BAD SITES (vs. the ones found to be unblocked)

That's roughly a 5:1 ratio (of adding KNOWN BAD SITES vs. removing LEGIT GOOD SITES)... &, nearly 100:1 ratio, vs. what was found here on this site alone.

See, & I have stated this here before:

For a little while, it's going to be a "work-in-process", making the data solid (i.e.-> The HOSTS file content)...

Nothing I can do about that, but "grind it out" & be patient... & then, lastly, I will finish the FTP download portion of the app & distribute it! apk

It wasn't the need to open notepad, it was the need to hunt down the urls (in the cases of embedded content) to remove from the hosts file.

But seriously, I didn't mean offense by my comments. My statements were purely to give insight as to why someone may choose not to use your file.

I love the idea of hosts based blocking. But to be more useful to my needs, how could I build this list without the airelle source? It would be about perfect for me then.

[Ashen]

is airelle the one blocking ati driver downloads?

[APK]

Im not saying remove known bad url's but the best example is the ATI/AMD driver downloads that are blocked by this hosts file currently, that server may have hosted adds, of could even host them now, but unless they are malitous in some way, removing htem has no real down side as it allows people to download their drivers without spending alot of time editing a hosts file.

Tell you what:

I can remove -> a248.e.akamai.net

BUT, not ALL of the rest of the akamai.net servers, such as via an entry like:

0 akamai.net

... &, for the the EXACT + INSIGHTFUL reasons (good ones) that mckenak stated... he did make an EXCELLENT point.

(That's ALL I ever stated, because mckenak was correct, that most akamai.net entries ARE adbanner servers).

----

wordpress is a great example

First off:

I don't BLOCKOUT all of wordpress, via the root domain name, via an entry like this:

0 wordpress.com

That'd be the ONLY way to do a blocking of its other "sub-domains" or parts of them, like www.wordpress.com OR ashen.wordpress.com... via a HOSTS file.

----

i checked a bunch of the entrys that where blocked NONE WHERE BAD they where ALL SAFE yet the file had a stack of them in it........

Secondly:

What made you think they are safe, ASH? Did you check the script tags yourself??

If you're relyng on AntiVirus &/or AntiSpyware ALONE, to do THAT, for YOU???

----

Top security suites fail exploit tests

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9117042&intsrc=news_ts_head

PERTINENT EXCERPT:

"They don't focus on detecting vulnerabilities, they focus on detecting the payload," Kristensen said. "But the problem with detecting the payload is that you're always behind [the hackers]. It's easy for the bad guys to create a new payload that's not detected by the scanning mechanisms and current signatures."

----

Why popular antivirus apps 'do not work':

http://www.zdnet.com.au/blogs/securifythis/soa/Why-popular-antivirus-apps-do-not-work-/0,139033343,139264249,00.htm

PERTINENT EXCERPT:

"AV companies continue to refine their products and most will tell you they stopped relying on purely signature-based systems many years ago. These days they use all sorts of clever methods to try and detect suspicious behaviour but the problem is that malware authors are also very clever. Very, very clever."

----

Take a GOOD read from the URL(s) above (& it's part of the WHY of why being "script kiddie tool reliant" solely, can be a downfall & sense of false security - also, additionally help prove that "layered security" is the way, & not only for 'trendy/fad' reasons either)...

----

fishman.wordpress.com has a gif thats detected as malware(positive or false
positive) it gets blocked so their system is to block all *.wordpress.com entrys they can find so ashen.wordpress.com and wilee.wordpress.com and darknova.wordpress.com would all be added to the list dispite none of them having any malware or adds on them.

How does or would an entry like:

fishman.wordpress.com

Do a blockout of:

ashen.wordpress.com

(From a HOSTS file entry)

?

----

fso your the one with things reverced

Answer the question above... & tell me that, vs. your example NOW, and your last one from techfiles.com above also...

----

, you just dont understand/dont want to understand what im saying.

Your examples are what I am operating on...

I.E.-> You said "I meant" but, Do you KNOW what you're trying to say/are you expressing yourself well in this exchange on this note, today?

See - @ times, I know you don't spell well, so giving you the benefit of the doubt here on this one as well (albeit, this is a case of DICTION & PROSE, not spellng, this time from you, possibly)...

----

the fact that one of your sorces takes the scatter shot approch is why i get annoyed, they dont just block stuff thats malitious, they block everthing in the same domain range.

Again: HOW SO?

E.G.-> Blocking www.techfiles.com DOES NOT BLOCK OUT EVERYTHING FROM THE PARENT ROOT DOMAIN OF techfiles.com... period!

----

is airelle the one blocking ati driver downloads?

NOT sure in THIS case, but most of the time? It's been a REAL "problem child"...

----

i know exectly how the hosts file works

You do?

Is that WHY I had to tell you how to structure/restructure the 1st HOSTS file of yours that you posted here, & sent me also as an attachment, & I had to then tell you to remove the leading # symbols you had in yours that invalidated ALL of its internal entries??

See below in my P.S. too... you're making ANOTHER mistake in regards to how HOSTS files work there below, also...

APK

P.S.=> Ash - per the above? You DON'T understand how HOSTS files work, @ least, in part it seems... because, this next statement of YOURS, evidences my statement for me, just based on what you said:

need an app to let me put in wildcards like *.wordpress.com

HOSTS files don't use WILDCARDS... IE restricted zones, Opera FILTER.INI, & IP Security Policies can though... apk

[APK]

It wasn't the need to open notepad, it was the need to hunt down the urls (in the cases of embedded content) to remove from the hosts file.

EDIT menu, FIND submenu... only takes 1 second or so, tops!



(Especially on a Quad Core 9650 Intel Extreme Edition CPU like YOU have man... very, Very, VERY fast!)

----

But seriously, I didn't mean offense by my comments.

Oh, hey: Trust me - NO OFFENSE was taken here, whatsoever... it's JUST computers &, nerdy debate around them (always happens, as there are always outliers &/or exceptions to most every rule, even situationally etc.)

----

My statements were purely to give insight as to why someone may choose not to use your file.

Sure, it's a possible... I can concede it: To folks who don't, no biggie, that's all - as again, I can lead a horse to water (that gives him absolutely current security AND more speed via adbanner blocks + adding your fav. sites hardcoded into it), but, I cannot make them drink it.



* Again - I realized LONG ago in this field, that you CANNOT please everyone...

I love the idea of hosts based blocking. But to be more useful to my needs, how could I build this list without the airelle source? It would be about perfect for me then.

There is still going to be SOME entries, that SOME folks will edit out (of THEIR personal copy of a HOSTS file, nothing wrong w/ this, by ANY means either)...

E.G. -> I have pals that "trim out" a LOT of Pr0n sites from MINE for instance (around a dozen++ entries, in fact)...

Some folks even want Pr0n sites taken out of the publicly distributed HOSTS files out there period (even though they are a KNOWN major source of infestation & malware no less in bad scripts and bad downloads in .exe's mainly on the latter), of most anykind from any source for them...

(Especially IF the maintainers of them may not... this is a fact of life w/ HOSTS files, on occasion!)

Updates AND Edits, as regards HOSTS files? They happen...

I.E.-> Same reason AntiVirus signatures databases not only have things ADDED to them (but, ALSO REMOVED from them too - "false positives" DO indeed, happen on them, also!)

APK

[APK]

2/1/2009 - UPDATED!

APK HOSTS FILE 4 Windows 2000/XP/Server 2003 (Updated 2/1/2009 - 644,842++ entries (5,524 new entries) + uses 0 as blocking IP address (most efficient type))

----

http://ashentech.com/index.php?action=downloads;sa=view;down=2

----

OR

APK HOSTS FILE 4 VISTA/Server 2008 (Updated 2/1/2009 - 644,842++ entries (5,524 new entries) + uses 0.0.0.0 as blocking IP address (2nd most efficient type)):

----

http://ashentech.com/index.php?action=downloads;sa=view;down=1

----



* 644,842++ total entries of KNOWN bad servers &/or sites, + 5,524 new bad server/site entries

(Added on 02/01/2009 - From reputable & reliable security information sources like StopBadWare.org & Dancho Danchev's blogspot (ZDNet security research analyst) + Spybot "Search and Destroy's" IMMUNIZE feature, + SECURITY FOCUS own lists of bad sites/servers, updating)



... The attached HOSTS files (& the ones in the download url's above) are FULLY "normalized" (repeat entries removed) & internally alphabetized (for easier manual mgt. via a text editor, like notepad.exe) as well as put into the MOST efficient possible blocking IP addresses possible (either 0, or 0.0.0.0, vs. 127.0.0.1) for modern Windows NT-based OS, via the program pictured above...

APK

P.S.=> ALSO IMPORTANT: If you folks run into ANY legitimate sites which are blocked by this HOSTS file, let us know here in this thread -> http://ashentech.com/index.php?topic=1456.0 (this very thread, in fact)...

... &, above all else? Hey -Thanks for that kind of feedback/pushback, by-the-by:

I.E.-> As it's truly a case of "1 oz. of criticism > = 1,000 lbs. of praise"

... & keeps helping to make this file better & better...

E.G.-> I, & others here who have contributed (such as Ash, DarkNova, Wile E, RITL337, & others here + elsewhere from diff. forums online), have run into 63 domains to remove, of 644,842++ bad servers blocked, on 2/1/2009 thusfar (a mere .006% of total ONLY in fact), in:

tvsquad.com

keznews.com

myspace.com

imdb.com

google.co.uk

latimes.com

nytimes.com

pcworld.com

experts-exchange.com

bbc.com

wired.com

simplemachines.org

g.live.com

usps.com

comodo.com

cubs.com

wwe.com

espn.com

sandboxie.com

comcast.net

tech-recipes.com

wordpress.com

dealtime.com

vso-software.fr

joost.com

brothersoft.com

msgplus.net

xroxy.info

xroxy.com

images.anandtech.com

slysoft.com

gamesites200.com

a248.e.akamai.net

thedailyshow.com

FILE-SHARING ORIENTED LIST BELOW:

dailymotion.com

metacafe.com

ign.com

freedownloadmanager.org

distrowatch.com

mydigitallife.info

free-codecs.com

generationmp3.com

twitchfilm.net

ghacks.net

garagegames.com

gamecopyworld.com

mediafire.com

piratebay.com

demonoid.com

btjunkie.org

isohunt.com

files.filefront.com

filekicker.com

filefront.com

speakeasy.net

lifehacker.com

mininova.org

torrentfreak.com

thepiratebay.org

easy-share.com

boingboing.net

ngohq.com

torrentbox

torrentbytes

... they are removed as of 12/14/2008 - 1/31/2009 updates...

(This happens because I used others' sources, in HOSTS files, & people make mistakes!)

* Now - When I get that information from you, in regards to VALID & LEGITIMATE websites being blocked accidentally in this HOSTS file, then, I can edit the sites you note out, & re-upload the file afterwards quickly enough...

(Thus - we ALL can gain by this being done here to/for this file!)... apk

[Ashen]

apk, your still failing to understand what im saying.

Ok let me try this again.

one of your sorces dosnt just block offending URL's if fishman.wordpress.com has a bad addbanner or something on it they take it to the extream and add every wordpress.com url they can find to the list as well, so innocent sites like ashen.wordpress.com would be added on top of fishman.wordpress.com.

they take the scatter shot approch to blocking.

say fishman.wordpress.com has a java based exploit so blocking it is a good idea, your lists takes any and all wordpress.com url's they can find are also blocked
so bad site fishman.wordpress.com gets
0 fishman.wordpress.com
but they dont leave it at that they also add
0 wordpress.com
and
0 ashen.wordpress.com
and
darknova.wordpress.com
and
0 wilee.wordpress.com

even if fishman.wordpress.com is the only offending page.

I do fully understand how the hosts file works and that each uniq url must be added, but check at least the older version of your file(dont got current version to check for you) there where a huge number of wordpress addys blocked dispite the fact that after checking a bunch of them none had anything malitious, sure some had objectionable content such as comments alot of people wouldnt agree with, but thats blog for you.

do i need to explain this again?

its all good and well to block offending site fishman.wordpress.com but auto blocking every other *.wordpress.com addy you can find as well just because fishman.wordpress.com is bad isnt kool, yet thats what one of your sources has done.