Hosts file

Another approach I’ve been trying out, is dns-over-https using the modified cloudflare family dns servers which blocks malware. (There’s another verson which blocks malware and porn).

In the malware + porn blocking version, it’s obvious they’re blocking tons of porn sites at the dns server level. (ie. It returns back “host not found” type of responses).

At this point I have no idea how exactly cloudflare is collating blacklists of malware hosts for this dns-over-https service.

Anecdotally, I’m getting the impresion the cloudflare dns-over-https service which filters out malware and porn at the DNS level, is possibly using some of the information from the urlhaus blacklist.

This was from going through today’s update of urlhaus list, and seeing the differences in dns lookup on my default dns server (from my isp) and the cloudflare family dns server (1.1.1.3).

urlhaus seems to be collecting blacklists of websites which are involved in “fly by night” type of malware/hacking type operations that only last a few days or weeks until they are taken down.

Probably why these urlhaus blacklists are updated once or twice every day. I use urlhaus as another list on my ublockorigin setup. It would be too much work to update pi-hole or generic hosts files (like what coolcolors is doing) every day with something like urlhaus, for a home desktop (or laptop) system.

Though if I was running a computer network at a workplace (or government office), I would be updating the host blacklists every day with urlhaus and a few other blacklists which are updated daily (or semi-daily).

Hi there, it’s been a long time. Been using coolcolors host files for a long time and it works wonders. I’m having an issue with a url shortner website that wont let me pass. Could you tell me what to delete from the host file to get through this site?

https://fc.lc

@Zzyzxroad Is that the actual site when or a short url to the actual site itself? It looks like a login site is that the actual site itself? As I don’t have a login for it. What errors are you getting? Which hosts edit date are you using? And when you do login what does it do? What Browser are you using and what A/V program do you have installed and are you using any other adblockers besides this one?

The site I clicked on the Login and it ask for the Login and password. Are you seeing this? I tried on both FireFox and Chrome with Windows 10 Pro and Windows Defender. And since you been gone for some time it might be good to get the latest one and try again to see if something wasn’t change from since the last host you used.

@jcroy I rather not have a site track what one does on the internet that is leading to Privacy issues here. Anything that goes though a 3rd party is Recipe for Privacy Invasion since you have no idea whom is watching your internet traffic or what they are reporting on what your doing. Not only just you but your entire family if they use the same ISP it will go through them regardless.

PC Windows hosts custom edited adblockers 4-23-20

Look like the site is updating on a monthly basis now before it was like 2 weeks or unless something major change came along.

hosts 4-23-20.zip (97.5 KB)

For privacy specific purposes, I was mostly using the mvps host list over the 2000s decade. In more recent times after 2010, I was using the Dan Pollock host list.

@coolcolors. I guessed I should have checked the link first. because of the content could I PM you the link so I don’t break any rules?

As a first approximation, one can probably get the same rigorous malware blocking via that cloudflare family dns-over-https service, by just using the daily urlhaus blacklists either in pi-hole or a host file. Enhancing privacy would have to be added in addition, such as adding another list such as mvps, dan pollock, etc … and weeding out any duplicates.

Many of the entries in Dan Pollock’s list are not blocked by this cloudflare family dns service. (There’s also quite a few dead entries in pollock’s list, from expired defunct domains/hostnames).

@Zzyzxroad that is fine as well so I can see if there is anything different that your seeing that I am not seeing. If something is different I experiment to see what changes or url are showing up that you or I aren’t seeing.

@jcroy AFAIK back then I didn’t have any hosts blocker and the junk that came up on sites was just pain in the butte. But it wasn’t til I research and researched that I found the current hosts file I am using now. There was the MVPS but that changed to 0.0.0.0 and that doesn’t work for me. Then I found the second hosts editor that used 127.0.0.1 which worked for me and stayed with it since that time. I left MVPS because it no longer fulfilled my 127 needs. They said it was no problem from MVPS but I doubt that is the case as they also on their site stated using 0.0.0.0 could have problem with system using 127.0.0.1 which most still use.

The blockers are only good as the people who updates them to update sites and new url to block. That’s why this for me is a ongoing process til I either retiree or can’t update this anymore but til that time - I will do my upmost to keep this going so others can enjoy the internet as it was intended free of JUNK/malware/redirects for those whom aren’t Savvy users. What I did to the hosts file once they follow the instruction is a internet free of unwanted harassment and they can get to where they are going to. I also have added to my Browsers IE, Edge, Firefox, Chrome adware/email popups Addons to kill ads so if you go to YT all those ads are skipped or blocked from showing and on email site banners on the side are removed from the sides. If anyone wants to know these programs I can add them here so they can look them over. I know they worked because I was the test subject to install and run them. And from there I found which one would do the job that their description said it would do. If not for these Addons to the Browser those YT ads and video ads were driving me crazy but now I can watch video or streams free of junk ads and email yahoo or gmail are free of those side banner ads and I can get to the business of reading/sending email without accidentally clicking on a ad link. The hosts file can’t catch those are they are constantly changing but now with the Addons it compliments the hosts file to further block unwanted junk.

Easy to change all the 0.0.0.0 back to 127.0.0.1 with a sed command run from a command line (such as cmd.exe in windows or bash.exe in linux/mac). That’s what I did on systems which didn’t know how to handle 0.0.0.0 properly back in the day.

sed -e ‘s/0.0.0.0/127.0.0.1/’ mvps.txt > newmvps.txt

On my current desktop computers, in practice I’ve found that 127.0.0.1 runs a lot slower in dns lookups. Especially when the host blacklist file has hundreds of thousands (or over a million) entries, I’ve found that 0.0.0.0 runs a lot faster than 127.0.0.1

With a smaller sized host blacklist file (such as mvps or dan pollock) on a current/recent computer, the speed differences between 0.0.0.0 and 127.0.0.1 is not really a big issue.

Back in the day when I was primarily using the mvps blacklist (circa 2000s decade), I was also turning off scripting by default in mozilla (and later firefox).

In those days, mozilla/firefox had a button in one of the menus where javscript could be turned on or off by hand. Advertising and really annoying stuff was easily blocked by turning off scripting at the time. (Later versions of mozilla/firefox removed this button entirely).

The only time I turned on javascript by hand in mozilla/firefox, was when the website was not functional. For example, such as some message boards whose software required scripting in order to make new posts.

As time went on, it became harder to simply eliminate annoying stuff in this manner. (Such as websites which do too much “inline” scripting).

Thanks. I removed it from Pi-Hole.

Thanks. I applied it in Pi-Hole and that along with pretty much the rest of the default filters, or thereabouts, it’s currently showing… Domains on the Blocklist = 605,418

but ill have to see how things play out with it over the next month or so. because I think the key is finding a HOSTS file that blocks as much junk as possible but without breaking websites. but so far, the ones that came with Pi-Hole along with MVPS/Adaway don’t seem to be messing with anything.

p.s. I noticed memory usage went up a good amount as it’s currently floating around 82.18MB as I think it was around 30MB or so the last I checked. but it’s a non-issue though as the laptop I got Pi-Hole running on has 2GB of RAM and ‘Memory usage: 16.5%’ is shown on Pi-Hole so it’s not even remotely close to running out of RAM.

EDIT: it appears it blocked fossbytes.com so I had to whitelist that.

If I had to guess, that fossbytes entry was probably from a blacklist which hasn’t been culled for awhile. There’s many blacklists which appear to have been abandoned by their maintainers, and haven’t been updated in a long time.

I distinguish between host specific blacklists, and domains type blacklists. In practice, I’ve found domain blacklists aren’t quite as useful for hosts file style blacklisting on ms windows type systems.

On linux type systems, pi-hole and dnsmasq can blacklist entire domains (ie. ALL the hosts under the domain name). To do the same entire domain blocking only using a hosts file on ms windows, it would require redirecting every single host in the domain to 0.0.0.0 or 127.0.0.1 by listing every single host in detail (including aliases under the same domain).

Nevertheless, my current host file blacklist on ms windoze is just a concatenation of the mvps and dan pollock lists where I just removed the duplicates. (I wrote my own script which does this all in one swoop, which can incorporate additional blacklists easily).

The mvps and dan pollock lists are small and good enough to do this style of host file blacklisting, without significantly slowing down dns lookups. (Such as blocking known long lived advertising and tracking servers).

PC Windows hosts edited update 5-17-20 this also has update in reply to

hosts 5-17-20.zip (97.9 KB)

1 Like

PC Windows hosts custom adblocker update 6-8-20

hosts 6-8-20.zip (97.9 KB)

PC Windows hosts custom adblocker updated 6-26-20

hosts 6-26-20.zip (97.9 KB)