APK HOSTS FILE UPDATE (2/1/2009 - 644,842++ entries (5,524 new entries added))

APK

  • 43yo who acts like a 3yo
  • Child
  • APK
  • Posts: 333
APK HOSTS FILE UPDATE (2/1/2009 - 644,842++ entries (5,524 new entries added))
« on December 12th, 2008, 09:23 PM »Last edited on February 1st, 2009, 06:04 PM by APK
2/1/2009 - UPDATED!

APK HOSTS FILE 4 Windows 2000/XP/Server 2003 (Updated 2/1/2009 - 644,842++ entries (5,524 new entries) + uses 0 as blocking IP address (most efficient type))

----

http://ashentech.com/index.php?action=downloads;sa=view;down=2

----

OR

APK HOSTS FILE 4 VISTA/Server 2008 (Updated 2/1/2009 - 644,842++ entries (5,524 new entries) + uses 0.0.0.0 as blocking IP address (2nd most efficient type)):

----

http://ashentech.com/index.php?action=downloads;sa=view;down=1

----

:)

OR, JUST DOWNLOAD IT HERE, from the attached file(s) in this posting below!

5,524 more bad site entries added, from StopBadWare.org & Dancho Danchev's blogspot (ZDNet security research analyst) + Spybot "Search and Destroy's" IMMUNIZE feature + SECURITY FOCUS own lists of bad sites/servers, updating...

For a "Grand Total", of 644,842++ bad servers blocked, on 2/1/2009...

(Via the ongoing validity of content testing done here in THIS thread , where 63 domains were removed,  per Ash & Darknova : Less than .006% of the total content + myself finding 850++ more of them legit)

----

ALL entries are:

    A.) Fully normalized (duplicated entries removed)
    B.) Alphabetized inside the HOSTS file as well
    C.) All blocking entries are put into the MOST internal to HOSTS file efficient blocking IP address used format there is (via using 0, instead of 127.0.0.1 or 0.0.0.0 (whereby you will get a 20% gain in less memory occupancy & diskspace (thus, loadspeed into memory in the local DNS cache here) using 0, instead of 0.0.0.0 vs. 127.0.0.1))

ALL, for:

    1.) Less diskspace occupancy - due to smaller filesize on disk
    2.) Faster load time into your local DNS cache - due to smaller filesize on disk
    3.) Less memory occupancy as well - due to smaller filesize on disk (& once loaded into your local DNS cache from disk)

----

... This is the MOST comprehensive HOSTS file out there for BOTH speed & security, & also the MOST efficient there is, bar-none...

ALL, via the use of 0 as the blocking IP address (vs. 127.0.0.1, or 0.0.0.0) & the removal of any repeated entries, via normalization in code string processing!

(Thus, it allows the SAME valuable blocking function, that less efficient HOSTS files do, that also may NOT be as "up-to-date", &, @ less cost (I call it "economic turbo-technology for a HOSTS file", lol)).

:)

----

It's also kept "up-to-date", almost daily, vs. known malicious content website &/or adbanners, per my sources, listed next, below:

Dancho Danchev (ZDNet columnist & independent security researcher (great info. here)):

http://ddanchev.blogspot.com/

----

StopBadWare.org (GOOGLE REALLY HERE):

http://www.stopbadware.org/home

----

WIKIPEDIA LIST OF KNOWN &/or REPUTABLE HOSTS FILES:

http://en.wikipedia.org/wiki/Hosts_file

----

SECURITY FOCUS' LISTS OF KNOWN BAD SITES/SERVERS:

http://www.securityfocus.com/blogs/1584

----

Between they, & SpyBot "Search & Destroy"? I'd say you have most of, if not ALL of what a "body needs" for these purposes... if you know of others? Let me know!

... & also, please, upload your HOSTS file here as an attached file, so I can run it through my program!



... & so I may integrate the entries your HOSTS file has into this one I made, so we can ALL benefit from this kind of "group therapy" (for lack of a better expression here)...

APK

P.S.=> ALSO IMPORTANT: If you folks run into ANY legitimate sites which are blocked by this HOSTS file, let us know here in this thread -> http://ashentech.com/index.php?topic=1456.0 (this very thread, in fact)...

I & others here who have contributed, have run into 63 domains to remove, of 644,842++ bad servers blocked, on 2/1/2009 thusfar (.006% of total), in:

    tvsquad.com
    keznews.com
    myspace.com
    imdb.com
    google.co.uk
    latimes.com
    nytimes.com
    pcworld.com
    experts-exchange.com
    bbc.com
    wired.com
    simplemachines.org
    g.live.com
    usps.com
    comodo.com
    cubs.com
    wwe.com
    espn.com
    sandboxie.com
    comcast.net
    tech-recipes.com
    wordpress.com
    dealtime.com
    vso-software.fr
    joost.com
    brothersoft.com
    msgplus.net
    xroxy.info
    xroxy.com
    images.anandtech.com
    slysoft.com
    gamesites200.com
    a248.e.akamai.net
    thedailyshow.com

FILE-SHARING ORIENTED LIST BELOW:

    dailymotion.com
    metacafe.com
    ign.com
    freedownloadmanager.org
    distrowatch.com
    mydigitallife.info
    free-codecs.com
    generationmp3.com
    twitchfilm.net
    ghacks.net
    garagegames.com
    gamecopyworld.com
    mediafire.com
    piratebay.com
    demonoid.com
    btjunkie.org
    isohunt.com
    files.filefront.com
    filekicker.com
    filefront.com
    speakeasy.net
    lifehacker.com
    mininova.org
    torrentfreak.com
    thepiratebay.org
    easy-share.com
    boingboing.net
    ngohq.com
    torrentbox
    torrentbytes

... they are removed as of 12/14/2008 - 1/31/2009 updates...

(This happens because I used others' sources, in HOSTS files, & people make mistakes!)

* Now - When I get that information from you, in regards to VALID & LEGITIMATE websites being blocked accidentally in this HOSTS file, then, I can edit the sites you note out, & re-upload the file afterwards quickly enough... thanks - we ALL can gain by this being done here to/for this file! apk
"There must be security for all, or no one is secure. NOW - This does not mean giving up any freedom, except the freedom to act irresponsibly. We do not pretend to have achieved perfection, but we do have a system - and it works. Your choice is simple:  Join us, & live in peace... or pursue your present course, & face obliteration. We shall be waiting for your answer (The decision rests with you)..." - Klaatu, "The Day the Earth Stood Still"

JDW

  • Newbie
  • Posts: 8
Quote from Ashen on December 19th, 2008, 04:10 PM
yet another damn ligit site alot of sites use to host their downloads blocked by this hosts file.

www.filekicker.com

think you need to look at ur sorces and maby dump one of them....this is getting very old.......
you can say what you will about the way apk does his host file findings, but i for one am glad that he does it this way because it secures people that does not use file sharing, or porn,and it is no big trouble for me to use note pad to fix any sites that are blocked by this host file. 

before i started using apk's hosts file i was getting over 3,000 viruses a month and now because of the sites i go to i now only get maybe 30 to 40 because i use JavaScript, and i look at porn from time to time. 

now if i stopped using JavaScript and stopped looking at porn then i would not get the 30 to 40 viruses a month.

besides apk is doing us all a favor by keeping this host file up to date and not charing us for this. but i would not be surprised if he does start charging for the time it takes him to do this. i know it took apk a while to get all of this together. 

so i have to say this thank you apk keep up the good work.  you rock with the darleck force filed. lol  thanks APK you are doing a good job despite what any one says.   :glasses7:

UnaSalusVictus

  • Bibliophile, Autodidact
  • Administrator
  • Posts: 4,646
APL rofl

so now we call you the apple :P

and again, im not as paranoied as you are, as to os's staying up, i got a system in the other room thats on 2k thats been installed since sp2, hasnt been infected once, no port blocking/filtering in use, just a good AV and account control setup(nobody but me can install anything) its now at sp5(msfn forums unofficial service pack 5) and has higher up time counts then most servers, its just a email check box now, to slow for anything else really, but its still running, no hosts file, opera 9.5(havent updated it lately for 3rd party software)

think its max up time was a little over a year no restarts, finnely went down when our power was out for a night due to a drunk driver.

updating nightly is a bit much IMHO, i would at most update once a week, if you take this public in its current state your gonna get alot of ppl who will just dump it because it blocks to many ligit sites like filefront :(
"It's funny that Christians want people to believe Muslims are evil due to what's in their holy book, their history, and the actions of their extremists, while telling people to ignore what's in their own holy book, their history, and the actions of their extremists."
http://www.pirate-party.us
“Fear is the path to the dark side. Fear leads to anger. Anger leads to hate. Hate leads to suffering.”

APK

  • 43yo who acts like a 3yo
  • Child
  • APK
  • Posts: 333
Re: APK HOSTS FILE UPDATE (12/19/2008 - 640,730++ entries (247 new entries added))
« Reply #3, on December 19th, 2008, 07:37 PM »Last edited on December 19th, 2008, 07:50 PM by APK
Quote from Ashen on December 19th, 2008, 07:25 PM
APL rofl

so now we call you the apple :P
Hmmm... I would prefer "The Lord of HOSTS"... hehe!

(Sarcasm, no blasphemy intended Lord... look up reference to that Ash, might give you a good laff, lol!)

---
Quote from Ashen on December 19th, 2008, 07:25 PM
and again, im not as paranoied as you are, as to os's staying up, i got a system in the other room thats on 2k thats been installed since sp2, hasnt been infected once, no port blocking/filtering in use, just a good AV and account control setup(nobody but me can install anything) its now at sp5(msfn forums unofficial service pack 5) and has higher up time counts then most servers, its just a email check box now, to slow for anything else really, but its still running, no hosts file, opera 9.5(havent updated it lately for 3rd party software)
Well...

What's one of the FIRST things a virus/trojan/spyware/malware goes after?

Turning OFF your firewall... AND, YOUR ANTIVIRUS or ANTISPYWARE SOLUTIONS, period... I see it everyday!


HOWEVER - By using "layered security"?

Via:

1.) port filtering...

(WHICH WAS STUPIDLY REMOVED IN VISTA, & yet Ms claims it is "the most secure Windows yet"? They've pulled what amounts to a 2nd lock on your doors... alongside removing 0 as a valid IP for blocking bad URL's in the HOSTS file as of the 12/09/2008 update for hotfixes we found no less)

2.) A HOSTS file

3.) IP Security Policies in place?

No big deal...

---

Turn off my software firewall?

I have PORT FILTERS, a NAT firewalling True stateful packet inspecting hardware router firewall, & IP Security policies in the way, along with a HOSTS file...

----

I am, truly, inviolate... &, I would share that, with anyone.

Of course, doing so?

Puts a LOT of "techies" out of work too... 1/2 of their day, & I SEE IT EVERYDAY? Is cleaning out viruses/trojans/malwares etc....

It's the SAME reason the DEA is not taking down COLUMBIA or other drug producing nations... it would put them out of a job!

----
Quote from Ashen on December 19th, 2008, 07:25 PM
updating nightly is a bit much IMHO, i would at most update once a week
Ash?

It's ONLY AS GOOD AS HOW CURRENT IT IS, &, I DO KEEP IT ABSOLUTELY CURRENT AS POSSIBLE!

E.G.-> 1 bogus email, & one with HTML in it & URL's to said bad sites??

It's over... you're infected.

:)

... that is WHY I keep it so current.

----
Quote from Ashen on December 19th, 2008, 07:25 PM
if you take this public in its current state your gonna get alot of ppl who will just dump it because it blocks to many ligit sites like filefront :(
Then, like I said? Keep telling me which ones are NOT to your liking?? & I will remove them... simple.

APK
"There must be security for all, or no one is secure. NOW - This does not mean giving up any freedom, except the freedom to act irresponsibly. We do not pretend to have achieved perfection, but we do have a system - and it works. Your choice is simple:  Join us, & live in peace... or pursue your present course, & face obliteration. We shall be waiting for your answer (The decision rests with you)..." - Klaatu, "The Day the Earth Stood Still"

Darknova

  • Administrator
  • Posts: 2,039
Re: APK HOSTS FILE UPDATE (12/19/2008 - 640,730++ entries (247 new entries added))
« Reply #4, on December 19th, 2008, 09:03 PM »Last edited on December 19th, 2008, 09:10 PM by Darknova
Quote from JDW on December 19th, 2008, 06:57 PM
you can say what you will about the way apk does his host file findings, but i for one am glad that he does it this way because it secures people that does not use file sharing, or porn,and it is no big trouble for me to use note pad to fix any sites that are blocked by this host file. 

before i started using apk's hosts file i was getting over 3,000 viruses a month and now because of the sites i go to i now only get maybe 30 to 40 because i use JavaScript, and i look at porn from time to time. 

now if i stopped using JavaScript and stopped looking at porn then i would not get the 30 to 40 viruses a month.

besides apk is doing us all a favor by keeping this host file up to date and not charing us for this. but i would not be surprised if he does start charging for the time it takes him to do this. i know it took apk a while to get all of this together. 

so i have to say this thank you apk keep up the good work.  you rock with the darleck force filed. lol  thanks APK you are doing a good job despite what any one says.   :glasses7:
While I agree APK does some fine work, and Ash loves to complain :P I have to comment on one thing. 3000 viruses a month? What in God's name do you do?

I could run completely unprotected (have done a number of times) and not get that many viruses, unless you are purposely going out looking for viruses or clicking every single "dodgy" link there is I seriously have to refute that.
And no to mention the fact you claim to still be getting 30-40 a month now? I'm running without APK's HOST file (too many issues for my usage), Javascript enabled, I browse pr0n and I fileshare. I have NOD32 and my router firewall and I bet you anything if I ran a check now nothing would be found except a few tracking cookies.

UnaSalusVictus

  • Bibliophile, Autodidact
  • Administrator
  • Posts: 4,646
you can do stuff with user.js files that will block only what you want blocked.

i was gonna see if you would consider trying to make a user.js that some of us could use to mark ad servers that your hosts file misses AND also if possable could be used to tag sites that are blocked that shouldnt be, so we could just submit a txt file(or the like) from time to time to get sites blocked/unblocked with ease (also would make it easyer for you as well :D )

maby a widget??

i really like opera10a1 VERY fast :D

though chrome is still faster at flash based stuff :)
"It's funny that Christians want people to believe Muslims are evil due to what's in their holy book, their history, and the actions of their extremists, while telling people to ignore what's in their own holy book, their history, and the actions of their extremists."
http://www.pirate-party.us
“Fear is the path to the dark side. Fear leads to anger. Anger leads to hate. Hate leads to suffering.”

APK

  • 43yo who acts like a 3yo
  • Child
  • APK
  • Posts: 333
Re: APK HOSTS FILE UPDATE (12/20/2008 - 640,618++ entries (251 new entries added))
« Reply #6, on December 20th, 2008, 06:20 PM »Last edited on December 21st, 2008, 02:03 AM by APK
Quote from Ashen on December 20th, 2008, 12:10 PM
you can do stuff with user.js files that will block only what you want blocked.
A better + safer way, is that program I wrote you that you asked for, that works on FILTER.INI &/or URLFILTER.INI in Opera...

http://ashentech.com/index.php?topic=1410.0

:)

* NO javascript required.

(Nicest part is? It IS basically done FOR you already, & I tell you exactly WHERE to modify it to make it anything you want really, for .txt file processing... which these files are, .ini extension or not - &, it's written in literally the proven FASTEST language for both STRINGS & MATH processing there with, & with a decently STRONG algorithm for it, & in character mode/DOS mode/tty console app speed)

I refuse to do the work, for you, though... for YOUR own good, because I think you have it in you to "take the next step" into coding...

---
Quote from Ashen on December 20th, 2008, 12:10 PM
i was gonna see if you would consider trying to make a user.js that some of us could use to mark ad servers that your hosts file misses AND also if possable could be used to tag sites that are blocked that shouldnt be, so we could just submit a txt file(or the like) from time to time to get sites blocked/unblocked with ease (also would make it easyer for you as well :D )
The way I'd do that, & yes, I was planning for it (IF I can get the damned time to do it)? Is inside the HOSTS file Grinder 4.0++ program I use to make this thing... a simply SMTP mail routine straight to my email account, hardcoded into it.

----
Quote from Ashen on December 20th, 2008, 12:10 PM
I really like opera10a1 VERY fast :D
AND, it has a "working something" you need & stated things about to mckenak: An inlined spellchecker that WORKS!

:)

* Still "waking up", & NOT to a good day... snowblowing & shovelling - we got MASSIVELY HIT by a blizzard last night & the whole damn town is snowed in... I got stuck 2x myself & it was NOT "fun" - it has put me into a REAL crappy mood already for the day, & I really "DISLIKE" starting my day out thus!

APK

P.S.=> LOL, man... then, the power went out for 1/2 hour here, gee... what's next? Heh... snowstorms & updating this because of invalid sites in it (thanks a lot AIRELLE lists from Wikipedia, not)?

"We ICED UP Jarvis: Deploy flaps! Jarvis...?!? COME ON, WE GOTTA BREAK THE ICE!" - Iron Man

Boy, icing up on this HOSTS file is one thing, that's only minutes of work... breaking the ice in my driveway & what-not? ArGh!!! I hate it... lol! I love the NorthEast U.S.A., but the ice & snowstorms/blizzards, really SUCK! apk
"There must be security for all, or no one is secure. NOW - This does not mean giving up any freedom, except the freedom to act irresponsibly. We do not pretend to have achieved perfection, but we do have a system - and it works. Your choice is simple:  Join us, & live in peace... or pursue your present course, & face obliteration. We shall be waiting for your answer (The decision rests with you)..." - Klaatu, "The Day the Earth Stood Still"

JDW

  • Newbie
  • Posts: 8
 look you can believe what you want but i know what my scans told me. i got these by not having a host file and using javascript, and looking at porn so you can take it how you want but i know the truth. :glasses7:
Quote from Darknova on December 19th, 2008, 09:03 PM
Quote from JDW on December 19th, 2008, 06:57 PM
you can say what you will about the way apk does his host file findings, but i for one am glad that he does it this way because it secures people that does not use file sharing, or porn,and it is no big trouble for me to use note pad to fix any sites that are blocked by this host file. 

before i started using apk's hosts file i was getting over 3,000 viruses a month and now because of the sites i go to i now only get maybe 30 to 40 because i use JavaScript, and i look at porn from time to time. 

now if i stopped using JavaScript and stopped looking at porn then i would not get the 30 to 40 viruses a month.

besides apk is doing us all a favor by keeping this host file up to date and not charing us for this. but i would not be surprised if he does start charging for the time it takes him to do this. i know it took apk a while to get all of this together. 

so i have to say this thank you apk keep up the good work.  you rock with the darleck force filed. lol  thanks APK you are doing a good job despite what any one says.   :glasses7:
While I agree APK does some fine work, and Ash loves to complain :P I have to comment on one thing. 3000 viruses a month? What in God's name do you do?

I could run completely unprotected (have done a number of times) and not get that many viruses, unless you are purposely going out looking for viruses or clicking every single "dodgy" link there is I seriously have to refute that.
And no to mention the fact you claim to still be getting 30-40 a month now? I'm running without APK's HOST file (too many issues for my usage), Javascript enabled, I browse pr0n and I fileshare. I have NOD32 and my router firewall and I bet you anything if I ran a check now nothing would be found except a few tracking cookies.

APK

  • 43yo who acts like a 3yo
  • Child
  • APK
  • Posts: 333
Re: APK HOSTS FILE UPDATE (12/20/2008 - 640,623++ entries (256 new entries added))
« Reply #8, on December 20th, 2008, 08:40 PM »Last edited on December 21st, 2008, 12:19 AM by APK
Quote from JDW on December 20th, 2008, 07:51 PM
look you can believe what you want but i know what my scans told me. i got these by not having a host file and using javascript, and looking at porn so you can take it how you want but i know the truth. :glasses7:
At least you're HONEST about it, & yes, I believe you:

E.G.-> A few times this & last year, I went thru around oh, 800-1,000 calls from customers regarding cleaning out their machines vs. "malware machination" (many times when other techs on Level 1 gave up)...

I saw @ least 5-10 system infested to THAT incredible level. One was from a guy in New Jersey with a bar, & he was hilariously honest about going to "Pr0n" sites too... I value honesty, especially when it's FUNNY!

:(

* Yes, it happens...

APK

P.S.=> Well, keep those INVALIDLY blocked sites coming people, because this "stage of the game" is about to "accelerate", via my going to other online forums w/ this HOSTS file & using the "power of the masses", to start REALLY "trimming this thing down" vs. sites that are blocked in it!

(... &, @ this point? I am pretty damned sure the MAIN problem is the Wikipedia AIRELLE lists, lol, & I can't just "turn away" from this now, because of all the really valid ones "mixed into it" in alphabetically ordered fashion - now, @ this point, because of normalization & alphabetization being used, I cannot even determine where most of them are anymore, unless I want to hit Stopbadware.org & D. Danchev's site @ ZDNet + look thru them ALL again (months of them))...

We CAN do this... or, @ least, I will!

Hey - I want this thing to be the BEST HOSTS FILE IN EXISTENCE, & it's going to be...


That goes along with the program for it being able to:

    A.) Submit SMTP emails to me to remove invalids that MIGHT still exist etc. et al!
    B.) Automate FTP downloads of updates (by doing it manually as I do now, OR "automagically"), which I have code for both, that works

HOWEVER:

I can't & WON'T "go public" as Ash says, w/ this file &/or program
, until this file is in "REASONABLY SOLID ORDER" as to removing sites blocked in it that should NOT be...

I want to do this, absolutely 110% right as possible... apk
"There must be security for all, or no one is secure. NOW - This does not mean giving up any freedom, except the freedom to act irresponsibly. We do not pretend to have achieved perfection, but we do have a system - and it works. Your choice is simple:  Join us, & live in peace... or pursue your present course, & face obliteration. We shall be waiting for your answer (The decision rests with you)..." - Klaatu, "The Day the Earth Stood Still"

Wile E

  • #1 Hardware Killa!
  • Administrator
  • I like boobs!
  • Posts: 2,214

JDW

  • Newbie
  • Posts: 8
Quote from Wile E on December 20th, 2008, 10:03 PM
Quote from JDW on December 20th, 2008, 07:51 PM
look you can believe what you want but i know what my scans told me. i got these by not having a host file and using javascript, and looking at porn so you can take it how you want but i know the truth. :glasses7:
I gotta say, that sure is a lot of infections from porn. Just how much porn do you look at anyway? lol.
a lot more than you really want to know, but seriously  it was not all from porn sites. it was visiting other sites too.  but remember the cardinal rule leave JavaScript off unless you need to have it on.    :glasses7:
and i do not blame you one bit about making it 110%, but how do you really know that what people are telling you is a ligament site is real or fake. they could really not be telling the truth and you still get infected. is there a way to tell if the site is legit or not.  :glasses7:  

APK

  • 43yo who acts like a 3yo
  • Child
  • APK
  • Posts: 333
Re: APK HOSTS FILE UPDATE (12/20/2008 - 640,623++ entries (256 new entries added))
« Reply #12, on December 21st, 2008, 12:10 AM »Last edited on December 21st, 2008, 12:12 AM by APK
Quote from JDW on December 21st, 2008, 12:00 AM
and i do not blame you one bit about making it 110%, but how do you really know that what people are telling you is a ligament site is real or fake. they could really not be telling the truth and you still get infected. is there a way to tell if the site is legit or not.  :glasses7:
Good question:

First: I go to the site in question, after asking the person who submits it to me about it (@ least here I do, & I have known these guys here for almost 3 yrs. now in most of them as well, so they can be trusted imo)...

Second: Then, I view its HTML page source, & if its not way, Way, WAY "obfuscated code" (meaning so scrambled up it's almost 'encrypted' or so massively twisted it is hard to trace out etc. et al) in the scripting (ala javascript & you are TOTALLY right on that note, & SECUNIA.COM + SECURITYFOCUS.COM can show anyone that much, in that 95%++ or better of today's threats, which are blowing past traditional defenses like SECURITY SUITE'S antivirus &/or antispyware portions)?

I can tell pretty fast.

:)

* Other than that? Trust... pure trust...

APK

P.S.=> That's from "normal folks/testers", as the folks here have been...

... & StopBadWare.org (Google really), Mr. Dancho Danchev of ZDNet (security researcher, & good one), & the WikiPedia list of HOSTS files I do trust (except that damn AIRELLE list, @ list NOT IN FULL on this one, but, we're trimming the fat out of that one here as I write this & have been this past week now)... apk
"There must be security for all, or no one is secure. NOW - This does not mean giving up any freedom, except the freedom to act irresponsibly. We do not pretend to have achieved perfection, but we do have a system - and it works. Your choice is simple:  Join us, & live in peace... or pursue your present course, & face obliteration. We shall be waiting for your answer (The decision rests with you)..." - Klaatu, "The Day the Earth Stood Still"

JDW

  • Newbie
  • Posts: 8
Quote from APK on December 21st, 2008, 12:10 AM
Quote from JDW on December 21st, 2008, 12:00 AM
and i do not blame you one bit about making it 110%, but how do you really know that what people are telling you is a ligament site is real or fake. they could really not be telling the truth and you still get infected. is there a way to tell if the site is legit or not.  :glasses7:
Good question:

First: I go to the site in question, after asking the person who submits it to me about it (@ least here I do, & I have known these guys here for almost 3 yrs. now in most of them as well, so they can be trusted imo)...

Second: Then, I view its HTML page source, & if its not way, Way, WAY "obfuscated code" (meaning so scrambled up it's almost 'encrypted' or so massively twisted it is hard to trace out etc. et al) in the scripting (ala javascript & you are TOTALLY right on that note, & SECUNIA.COM + SECURITYFOCUS.COM can show anyone that much, in that 95%++ or better of today's threats, which are blowing past traditional defenses like SECURITY SUITE'S antivirus &/or antispyware portions)?

I can tell pretty fast.

:)

* Other than that? Trust... pure trust...

APK

P.S.=> That's from "normal folks/testers", as the folks here have been...

... & StopBadWare.org (Google really), Mr. Dancho Danchev of ZDNet (security researcher, & good one), & the WikiPedia list of HOSTS files I do trust (except that damn AIRELLE list, @ list NOT IN FULL on this one, but, we're trimming the fat out of that one here as I write this & have been this past week now)... apk
APK how long have you been doing this hole project. yes i call it a project because you are still in the stages of putting this together.  but honestly how long have you been working on this project.  :glasses7:
Quote from Ashen on December 19th, 2008, 07:05 PM
APK, editing is a pain when it seems like 3-4 times a night i gotta go in and remove LEGIT SHIT!!!!

Till you trim out the ligit sites like filefront(stuff like that) people are gonna get annoied and complain about having to clean up the hosts file, infact i haven updated from ur new ones because i dont want to have to deal with removing more stuff, eventualy i may update and deal with re-removing stuff, but really, im far less paranoied then you are.

as to javascript, funny i dont get viruses and i dont dissable it unless its being used to annoy me on some sites.......

suprised u can get to any porn sites with this hosts file, seems like its blocking ligit stuff and not blocking alot of stuff it should be(like infected porn sites)
Quote from Ashen on December 19th, 2008, 07:25 PM
APL rofl

so now we call you the apple :P

and again, im not as paranoied as you are, as to os's staying up, i got a system in the other room thats on 2k thats been installed since sp2, hasnt been infected once, no port blocking/filtering in use, just a good AV and account control setup(nobody but me can install anything) its now at sp5(msfn forums unofficial service pack 5) and has higher up time counts then most servers, its just a email check box now, to slow for anything else really, but its still running, no hosts file, opera 9.5(havent updated it lately for 3rd party software)

think its max up time was a little over a year no restarts, finnely went down when our power was out for a night due to a drunk driver.

updating nightly is a bit much IMHO, i would at most update once a week, if you take this public in its current state your gonna get alot of ppl who will just dump it because it blocks to many ligit sites like filefront :(
well you can all was go into note pad and change it if you need to. there is nothing saying you can not go and change the hosts file like i do and comment of the site you look at or need to use.   :glasses7: