The New Tech - View Single Post - HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA

**APK** · 06:04pm

CUSTOM HOSTS FILE USAGE (for speed, AND SECURITY)

5.) The use of a CUSTOM ADBANNER BLOCKING HOSTS FILE (my personal one houses, as of this date, 90,000 known adbanner servers, OR sites known to bear malicious code & exploits (per GOOGLE mostly, from stopbadware.org))

Custom HOSTS files work in combination with Opera adbanner blocks & the usage of .PAC filering files + cascading style sheets for this purpose.

(As well as speeding up access to sites I often access - doing this, acting as my own "DNS Server" more or less, is orders of magnitude faster than calling out to my ISP/BSP DNS servers, waiting out a roundtrip return URL-> IP Address resolution. It may take some maintenance for this @ times, especially if sites change HOSTING PROVIDERS, but this is a rarity & most sites TELL YOU when they do this as well, so you can make fast edits, as needed (and, on Windows NT-based OS since 2000/XP/Server 2003 & VISTA? A reboot is NOT required upon edits & commits of changes in the new largely near fully PnP IP stacks!))

For a copy of mine, write me, here -> apk4776239@hotmail.com

And, I will send it to you in .zip or .rar format (with sped up sites # UNIX comment symbol disabled, enable the ones you use AFTER you 'ping' them first from my list, & add ones YOU PERSONALLY USE to it as needed after determining their IP address via a PING of them)

OR, JUST DOWNLOAD IT HERE:

http://forums.techpowerup.com/attachment.p...mp;d=1172567412

----

An example of WHY you'd want to use one of these for security's sake? Read here:

Why use an ADBANNER BLOCKING HOSTS file? Here is why: - techPowerUp! Forums

----

ADDITIONALLY, because on Windows Server 2003 (however, no others I have seen @ least so far), sometimes, the HOSTS file precedence vs. say, local DNS servers on a LAN, gets overridden by them? You MAY have to implement this:

How to change name resolution order on Windows 95 and Windows NT

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\ServiceProvider]
"LocalPriority"=dword:00000005
"HostsPriority"=dword:00000006
"DnsPriority"=dword:00000007
"NetbtPriority"=dword:00000008

(LOWER NUMBERS HERE = GREATER PRIORITY)

As you can see, I give my LOCAL DNS Cache the greatest priority (because it has my HOSTS file loaded into it @ system startup (IP stack startup, actually)), & THEN, my custom adbanner blocking/speedup fav sites (which this post is showing folks how to do, & yes, it works) is next, & then my ISP/BSP's DNS servers, & lastly NetBios/WINS stuff (which I just plain do NOT use, because I have no LanManager style network running here, ONLY Tcp/IP)

----

IMPORTANT NOTE: IF your system seems to "lag" while the HOSTS file is in use (this typically does not occur with 1mb or less sized HOSTS files in my experience), especially IF it is a relatively LARGER SIZED one (in the case I saw where this happened, it was a 12mb sized one I use, & it was applied on a Windows XP Home Edition system w/ 256mb of RAM on an AMD Athlon64 3200mhz system), YOU MAY HAVE TO DISABLE YOUR DNS Client Service!

* This is achieved via going to the START button, RUN command, type in SERVICES.MSC & once it comes to the screen, find the DNS Client Service in the list of services & right-click on it (or, doubleclick) & use the PROPERTIES screen, & use the STOP button (to stop the service) & then set its startup type to DISABLED, & this 'lagging' goes away (reboot is recommended, especially on Windows 2000 systems, for the HOSTS file to reload... otherwise, changes may take up to 5 minutes to take, so reboots make that quicker & assured on ANY Ms Windows-NT based OS (2000/XP/Server 2003 & VISTA).

----
DIRECTIONS FOR USE (also in my downloadable CUSTOM HOSTS file above, with MORE on how to really use them to get even more speed than blocking adbanners mind you is in its internal documentation):

You replace your:

%windir%\system32\drivers\etc

Original version of HOSTS with this one (overwrite it, but, first copy your original OR rename it to keep it around IF ever needed), & have @ it (HBO internet, no commercials + thus MORE SPEED (and, you WILL notice it) by not calling out to ad servers, loading their data, & running it... & certainly NO possibility of being infected by adbanners that bear RBN (Russian Business Network) malware javascripted/FLASH bearing adbanners that infect you as has been seen lately/very currently in fact - between this, and stalling out Java/JavaScript + ActiveX/ActiveScripting globally in your browsers as noted in the last step & why? You are "proof" against MOST attacks today (& consider disabling IFrames too, an oft used attack today as well!)).

Now, like I do? It IS possible to alter the default location of the HOSTS file, & to take away I/O from your main disk to load it by using another one... like a 2nd HDD you may have IF you have one for example!

(E.G.-> I move mine to my CENATEK RocketDrive SSD (solid state RamDisk), for F A S T access since seek times on it are 1000's of times faster than on std. mechanical disks, & doesn't matter WHAT kind - & here I also place my pagefile.sys on its own partition (first) & then webpage caches, %temp% environmental variable ops, logging (even eventlogs, which like HOSTS file, can be moved in the registry to another disk, & applications often have the ability to move their logs in their configuration screens as well)) via this registry key, should you elect to do the same:

In regedit.exe's right-hand-side pane, follow this path:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters

& in the left-hand-side pane of regedit.exe, you change the DataBasePath path value there to the disk & folder you wish to place your HOSTS file in (which makes for faster OS & IP stack initialization since it is on another drive, in my case an SSD so it is THAT MUCH QUICKER since seeks on them are so fast, to load the HOSTS data into your RAM (local DNS cache)).

APK

P.S.=> To keep "ontop of the latest spam mailers, & also known malicious sites" online? See these sites (1 I mentioned here already, this is the rest of the list I use, & others too):

Dancho Danchev (security expert) BLOG page:

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

SRI:

SRI Malware Threat Center

StopBadWare.org:

StopBadware.org - Welcome to StopBadware.org

Spamhaus (good for the mail end of things):

Lookup an IP Address in the Spamhaus DNSBLs

PHISTANK ("phunny name", pun intended) - Another really GOOD bad mailer & sites listing:

PhishTank | Join the fight against phishing

Between they, & SpyBot "Search & Destroy"? I'd say you have most of, if not ALL of what a "body needs" for these purposes... if you know of others? Please - list them, & thanks! apk

Dec 6, 2007, 08:07pm	CUSTOM HOSTS FILE USAGE (for speed, AND SECURITY)
APK Elite Member Posts: 354 Name: The Duke of URL Karma:	CUSTOM HOSTS FILE USAGE (for speed, AND SECURITY) 5.) The use of a CUSTOM ADBANNER BLOCKING HOSTS FILE (my personal one houses, as of this date, 90,000 known adbanner servers, OR sites known to bear malicious code & exploits (per GOOGLE mostly, from stopbadware.org)) Custom HOSTS files work in combination with Opera adbanner blocks & the usage of .PAC filering files + cascading style sheets for this purpose. (As well as speeding up access to sites I often access - doing this, acting as my own "DNS Server" more or less, is orders of magnitude faster than calling out to my ISP/BSP DNS servers, waiting out a roundtrip return URL-> IP Address resolution. It may take some maintenance for this @ times, especially if sites change HOSTING PROVIDERS, but this is a rarity & most sites TELL YOU when they do this as well, so you can make fast edits, as needed (and, on Windows NT-based OS since 2000/XP/Server 2003 & VISTA? A reboot is NOT required upon edits & commits of changes in the new largely near fully PnP IP stacks!)) For a copy of mine, write me, here -> apk4776239@hotmail.com And, I will send it to you in .zip or .rar format (with sped up sites # UNIX comment symbol disabled, enable the ones you use AFTER you 'ping' them first from my list, & add ones YOU PERSONALLY USE to it as needed after determining their IP address via a PING of them) OR, JUST DOWNLOAD IT HERE: http://forums.techpowerup.com/attachment.p...mp;d=1172567412 ---- An example of WHY you'd want to use one of these for security's sake? Read here: Why use an ADBANNER BLOCKING HOSTS file? Here is why: - techPowerUp! Forums ---- ADDITIONALLY, because on Windows Server 2003 (however, no others I have seen @ least so far), sometimes, the HOSTS file precedence vs. say, local DNS servers on a LAN, gets overridden by them? You MAY have to implement this: How to change name resolution order on Windows 95 and Windows NT Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\ServiceProvider] "LocalPriority"=dword:00000005 "HostsPriority"=dword:00000006 "DnsPriority"=dword:00000007 "NetbtPriority"=dword:00000008 (LOWER NUMBERS HERE = GREATER PRIORITY) As you can see, I give my LOCAL DNS Cache the greatest priority (because it has my HOSTS file loaded into it @ system startup (IP stack startup, actually)), & THEN, my custom adbanner blocking/speedup fav sites (which this post is showing folks how to do, & yes, it works) is next, & then my ISP/BSP's DNS servers, & lastly NetBios/WINS stuff (which I just plain do NOT use, because I have no LanManager style network running here, ONLY Tcp/IP) ---- IMPORTANT NOTE: IF your system seems to "lag" while the HOSTS file is in use (this typically does not occur with 1mb or less sized HOSTS files in my experience), especially IF it is a relatively LARGER SIZED one (in the case I saw where this happened, it was a 12mb sized one I use, & it was applied on a Windows XP Home Edition system w/ 256mb of RAM on an AMD Athlon64 3200mhz system), YOU MAY HAVE TO DISABLE YOUR DNS Client Service! * This is achieved via going to the START button, RUN command, type in SERVICES.MSC & once it comes to the screen, find the DNS Client Service in the list of services & right-click on it (or, doubleclick) & use the PROPERTIES screen, & use the STOP button (to stop the service) & then set its startup type to DISABLED, & this 'lagging' goes away (reboot is recommended, especially on Windows 2000 systems, for the HOSTS file to reload... otherwise, changes may take up to 5 minutes to take, so reboots make that quicker & assured on ANY Ms Windows-NT based OS (2000/XP/Server 2003 & VISTA). ---- DIRECTIONS FOR USE (also in my downloadable CUSTOM HOSTS file above, with MORE on how to really use them to get even more speed than blocking adbanners mind you is in its internal documentation): You replace your: %windir%\system32\drivers\etc Original version of HOSTS with this one (overwrite it, but, first copy your original OR rename it to keep it around IF ever needed), & have @ it (HBO internet, no commercials + thus MORE SPEED (and, you WILL notice it) by not calling out to ad servers, loading their data, & running it... & certainly NO possibility of being infected by adbanners that bear RBN (Russian Business Network) malware javascripted/FLASH bearing adbanners that infect you as has been seen lately/very currently in fact - between this, and stalling out Java/JavaScript + ActiveX/ActiveScripting globally in your browsers as noted in the last step & why? You are "proof" against MOST attacks today (& consider disabling IFrames too, an oft used attack today as well!)). Now, like I do? It IS possible to alter the default location of the HOSTS file, & to take away I/O from your main disk to load it by using another one... like a 2nd HDD you may have IF you have one for example! (E.G.-> I move mine to my CENATEK RocketDrive SSD (solid state RamDisk), for F A S T access since seek times on it are 1000's of times faster than on std. mechanical disks, & doesn't matter WHAT kind - & here I also place my pagefile.sys on its own partition (first) & then webpage caches, %temp% environmental variable ops, logging (even eventlogs, which like HOSTS file, can be moved in the registry to another disk, & applications often have the ability to move their logs in their configuration screens as well)) via this registry key, should you elect to do the same: In regedit.exe's right-hand-side pane, follow this path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters & in the left-hand-side pane of regedit.exe, you change the DataBasePath path value there to the disk & folder you wish to place your HOSTS file in (which makes for faster OS & IP stack initialization since it is on another drive, in my case an SSD so it is THAT MUCH QUICKER since seeks on them are so fast, to load the HOSTS data into your RAM (local DNS cache)). APK P.S.=> To keep "ontop of the latest spam mailers, & also known malicious sites" online? See these sites (1 I mentioned here already, this is the rest of the list I use, & others too): Dancho Danchev (security expert) BLOG page: Dancho Danchev's Blog - Mind Streams of Information Security Knowledge SRI: SRI Malware Threat Center StopBadWare.org: StopBadware.org - Welcome to StopBadware.org Spamhaus (good for the mail end of things): Lookup an IP Address in the Spamhaus DNSBLs PHISTANK ("phunny name", pun intended) - Another really GOOD bad mailer & sites listing: PhishTank \| Join the fight against phishing Between they, & SpyBot "Search & Destroy"? I'd say you have most of, if not ALL of what a "body needs" for these purposes... if you know of others? Please - list them, & thanks! apk Last edited by APK; Sep 3, 2008 at 06:04pm.