Tweak DNS for faster access in XP.

Hello forum folk,

There are a lot of myths about hosts files and DNS caching. Read this to open a discussion: http://www.oreillynet.com/pub/a/network/excerpt/winxphacks_chap1/index1.html?page=3. Some say working with hosts files and programs like hostess, or host manager is outdated security. Some check their host files against manipulating spyware, for instance Spybot S&D does. Who is right, and why?

Comments please,

polonus

The DNS Error Caching Tweak is effective but there is a much easier way to do it. Just use: TCP/IP Optimizer. It will adjust this setting for you.

Hosts files are completely unnecessary for performance or to block spyware. There is much more effective protection such as Spyware Blaster and simply installing SP2 if you have XP ect… DNS Caching will give you the best performance benefit automatically.

Spybot has a hosts file option but it is not installed by default and I wouldn’t recommend doing it, the immunize feature is more effective.

Hi Mastertech,

Which is so for XP and XP Pro, but not for people running updated older versions like Win 98 SE unofficial updated version. Lots of people use these on older machines in the second and third world, and they want to be well protected as well.
Also some server types use hosts files. A story is right, completely right, and partly right. Why do people still make updates for hostfiles, why there are block files around, when there is no need for it or when it is outdated security?

greets,

polonus

Are you saying that Host Manager is not only outdated security but even a resource hogger?
I know that some redirections of Host Manager are checked by SpyBot and Ad-aware as being hijacks and they remove them but, if it is not that useful (secure and resource helper), why do some of us (users) say it’s a good idea using a Host file manager?

I know Eddy is against of this 8)

Which is so for XP and XP Pro, but not for people running updated older versions like Win 98 SE unofficial updated version. Lots of people use these on older machines in the second and third world, and they want to be well protected as well.
Good question. The single biggest threat to just about every version of Windows is MSJVM. Everyone needs to uninstall MSJVM immediately and use Sun's Java instead. The reason people think they need a Hosts file is because they are not removing the biggest security hole in IE = MSJVM. For ActiveX protection use Spyware Blaster it works in all versions of Windows including 98, so does Spybot's immunize feature. For pop-up blocking on these machines use the Google Toolbar. Don't forget all the Windows Security updates and finally an AV like Avast! ;)
Also some server types use hosts files. A story is right, completely right, and partly right. Why do people still make updates for hostfiles, why there are block files around, when there is no need for it or when it is outdated security?
Hosts files have some rudimentary uses with setting up LANs. I don't know why so many people use and recommend Hosts files. Usually because they think they need them. Spyware Blaster provides "block protection" but it is much more effective to remove the security exploit to begin with, like uninstalling MSJVM!
Are you saying that Host Manager is not only outdated security but even a resource hogger?
Both, if you never get infected with any spyware why do you need a hosts file? That question answers itself.

Unbelievable easy to understand and you Mastertech explained it in a wonderful and easiest possible way. Thanks for joining these forums pal, we sure need people like you in here ! What took you so long to come in here ? ;D ;D ;D

Also, I wanna point people’s attention to this thread started by Mastertech:

http://forum.avast.com/index.php?topic=16975.0

Wonderful web site ! Great work Andrew ! :wink:

Is this compatible with apps such as Web Shield?

I am not a tech literate but I like reading discussions (not “arguments,” of course. ;)). Let’s see. 8)

Wonderful web site ! Great work Andrew !
;D
Is this compatible with apps such as Web Shield?
Sure, the TCP/IP Optimizer merely adjust your TCP/IP network related settings to more optimal values. It has nothing to do with Web Shield. It also does not run in memory. You run the utility one time.

Exactly… change some settings inside the tcpip.sys and they stay permanent… of course until you decide to run that utility again and revert to some other or old settings…

Then, it is a setting utility or a tweak app, which only optimizes native function of Windows. Thanx for the explanation.

Unfortunately, the effect of prefetch function was not obvious on my system somehow but this one was a hit: it dramatically increased my connection speed. I thought it was quick enough but it seems that I hadn’t got what I had paid for. Thanx for introducing this app. :wink:

Try TreeWalk :wink:

Additions of ‘bad’ sites to the hosts file is useful a) for blocking ads and b) for blocking sites which carry malware, thus alerting you to the fact that it’s probably not a good idea to download a program from that site, or even visit it (if you could) if you browser and OS are not completely bang up to date. Without the hosts entry you could visit that site and download the adware or spyware program even with SP2 and the latest updates.

I think some sites that do not respect your privacy also get blocked.

It’s another layer of protection. Is it really necessary? Who knows. I’ll make that decision myself.

For some reason Spybot detects some entries as malware redirections, when in fact the ‘bad’ address is being redirected to 127.0.0.1, not a ‘good’ address to a ‘bad’ one: seems to be some CoolWebSearch entries that it picks up.

(Chuckles). A discussion is always fun as long as played gentlemanly. :wink:

No it is not necessary. I’ve proven it, you will not get infected with Spyware without a Hosts file.

CWS cannot install if MSJVM is removed, try it and be spyware free.

I accept that point. Blocking CWS sites is redundant if you have patched the vulnerabilities or switched Java machine.

But without a hosts file you can go to evilsite.com and download and install vicioustrojan.exe. With the hosts file, you will not even get to the site. And of course, the site will probably be called lovelyfreedownloads.com and the file will be called wonderfulfreeaplication.exe.

If you download and install an adware, spyware or Trojan program, you will get infected, even with a spick-and-span-bright-as-a-new-pin OS.

But without a hosts file you can go to evilsite.com and download and install vicioustrojan.exe. With the hosts file, you will not even get to the site. And of course, the site will probably be called lovelyfreedownloads.com and the file will be called wonderfulfreeaplication.exe.
You can get this from visiting a website? Show me the link that allows this to autoinstall. That is what you want to stop. Autoinstalling Spyware.
If you download and install an adware, spyware or Trojan program, you will get infected, even with a spick-and-span-bright-as-a-new-pin OS.
You can always get infected with an application you download. This is impossible to block. Using a Hosts file to try and stop this is like spitting in the wind. Any spyware maker with half a brain will just register new IPs. There is nothing you can do about it. Any sort of security you think you have from this is completely false.

I’m not talking about autoinstall, I’m talking about a manual install, as in downloading a crack or a smiley-maker or a MSN add-on.

This is impossible to block. Using a Hosts file to try and stop this is like spitting in the wind. Any spyware maker with half a brain will just register new IPs. There is nothing you can do about it. Any sort of security you think you have from this is completely false.

Maybe. You can say this about AV’s too.

Most of my sense of security comes from a good firewall, and an up-to-date system. I don’t like to download anything except from sources I know and trust.

But the hosts file does block ads well.

You can say the exact same thing about viruses, which is why antivirus companies detect the virus signature and not the source it was distributed from.

And if you want to block ads there are much better ways to do it.

It works for me. :wink:

Do you have DNS caching turned off?