Count = 15,114
http://www.mvps.org/winhelp2002/

Anonymous Bob wrote:

> Count = 15,114
> http://www.mvps.org/winhelp2002/

I don't use pre-compiled hosts lists. However, at this high a count for
entries in a *text* file (which isn't cached and isn't a database file
to provide, for example, for quicker searches through a binary tree),
I'm wondering how the use of such a huge list will impact the
performance of the web browser.

I remember looking at the MVP hosts file a couple years ago. Back then
there were 52 entries for DoubleClick alone. The hosts file is just
that: it lists hosts. It doesn't list domains so each blocked *host*
must be specified (i.e., host.domain.tld, not domain.tld). Since anyone
can rename their own host in their own nameserver, and since some
nameservers are configured to return the same IP address for a
particular host no matter what hostname is specified, it seems an
ever-changing or untargetable method of identifying unwanted hosts.

Not the above URL does not show you to a download link for the MVP
version of the hosts file (other entities also have pre-compiled hosts
lists where you relinquish control to someone else who has deemed a site
as something bad). The download is there but somewhat hidden. Click on
the circled "There's no place like 127.0.0.1" (to the left of the ad
promo for the PW site [who think alt.comp.freeware is their special-
interest newsgroup]). I have no idea why the MVP site doesn't make very
obvious a link to their hosts file. It's at:

http://www.mvps.org/winhelp2002/hosts.txt

They now have 82 entries where "doubleclick" appears in the domain
portion of the hostname. Does that mean Doubleclick now has 30 more
hosts for controlling their content than before (when I saw 52 listed)?
Not necessarily. Could mean that the author(s) for the list simply
found some more hosts that already existed that he/she didn't know about
before. Does Doubleclick actually have all 82 hosts actively handling
their content (i.e., those hosts exist). Not necessarily. I'm not sure
that once a host gets listed in the MVP hosts list that it ever gets
removed even after that host no longer exists.

From their site, "In many cases using a well designed HOSTS file can
speed the loading of web pages by not having to wait for these ads,
annoying banners, hit counters, etc. to load." Okay, but after what
point in creating an ever increasingly large list does the list itself
end up slowing down the serial local lookup through a text file more
than the ad that it might block in a web page?

** reply interspersed

"VanguardLH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I don't use pre-compiled hosts lists. However, at this high a count for
> entries in a *text* file (which isn't cached and isn't a database file
> to provide, for example, for quicker searches through a binary tree),
> I'm wondering how the use of such a huge list will impact the
> performance of the web browser.

Fine. That's your choice to make.

<snip>

> They now have 82 entries where "doubleclick" appears in the domain
> portion of the hostname. Does that mean Doubleclick now has 30 more
> hosts for controlling their content than before (when I saw 52 listed)?
> Not necessarily. Could mean that the author(s) for the list simply
> found some more hosts that already existed that he/she didn't know about
> before. Does Doubleclick actually have all 82 hosts actively handling
> their content (i.e., those hosts exist). Not necessarily. I'm not sure
> that once a host gets listed in the MVP hosts list that it ever gets
> removed even after that host no longer exists.

I've never checked but I have faith in those who compile the list.
Should you care to verify the entries, you might consider:
http://majorgeeks.com/Sam_Spade_d594.html

> From their site, "In many cases using a well designed HOSTS file can
> speed the loading of web pages by not having to wait for these ads,
> annoying banners, hit counters, etc. to load." Okay, but after what
> point in creating an ever increasingly large list does the list itself
> end up slowing down the serial local lookup through a text file more
> than the ad that it might block in a web page?

It isn't only the download time for the ads. It's also the DNS lookups.

As stated on the site, you would want to disable the Windows DNS resolver
cache.

The primary purpose of the hosts file has evolved over the years and now is
used to block malicious sites. I consider that to be a part of my layered
defenses. Those of us who use it and those who compile the file consider it
worthwhile. I guess this is the point where I should thank those hard
working people, so thank you, you hard working people. ;-)

Respectfully,
Bob

On Thu, 3 Sep 2009 00:46:48 -0400
"Anonymous Bob" <(E-Mail Removed)> wrote:

> "VanguardLH" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I don't use pre-compiled hosts lists. However, at this high a
> > count for entries in a *text* file (which isn't cached and isn't a
> > database file to provide, for example, for quicker searches through
> > a binary tree), I'm wondering how the use of such a huge list will
> > impact the performance of the web browser.
>
> Fine. That's your choice to make.

I'm not clear how this replies to the OP's wondering outloud if the use
of a huge HOSTS file effects browser performance. There was some
problem with with IE8 and users of a HOSTS file early on, although I
don't recall if the size of the list was the issue.

Gene

<(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Thu, 3 Sep 2009 00:46:48 -0400

> > Fine. That's your choice to make.
>
> I'm not clear how this replies to the OP's wondering outloud if the use
> of a huge HOSTS file effects browser performance. There was some
> problem with with IE8 and users of a HOSTS file early on, although I
> don't recall if the size of the list was the issue.
>
> Gene

My first line only addressed his first line, that he doesn't use a hosts
file. I indicated later that he should disable the resolver cache. I also
mentioned later the blocking of malicious sites. Those sites could have
greater impacts than browser speed.

As to IE8, I haven't experienced that problem on XP and have no experience
with Vista.

Respectfully again,
Bob

Anonymous Bob wrote:

> The primary purpose of the hosts file has evolved over the years and now is
> used to block malicious sites.

When did ads become malware? Most the folks that I've read their posts
that are using the hosts file are using it to block ads. You actually
know of Doubleclick spreading malware?

"VanguardLH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Anonymous Bob wrote:
>
> > The primary purpose of the hosts file has evolved over the years and now
is
> > used to block malicious sites.
>
> When did ads become malware? Most the folks that I've read their posts
> that are using the hosts file are using it to block ads. You actually
> know of Doubleclick spreading malware?

I didn't say that ads are malware, but now that you mention it...
http://www.scmagazineus.com/maliciou...article/35605/
http://www.smartcomputing.com/editor...05%2F25s05.asp
http://www.roseindia.net/community/s...ertising.shtml

As for doubleclick...
http://www.theregister.co.uk/2009/02...butes_malware/

If you do a simple Google search for "ads" and "malicious" you get 1,350,000
hits:
http://www.google.com/search?hl=en&s...=ads+malicious

The FTC seems to frown on the practice:
http://www.ftc.gov/os/caselist/0723137/index.shtm

I would invite you to spend some time visiting one of the blogs at
msmvps.com:
http://msmvps.com/blogs/spywaresucks/

Please give my respects to Sandi.

Respectfully,
Bob

Infected banner ads have been, in the fairly recent past, a significant
source of malware. I don't know whether the providers have cleaned up their
act, but I've seen an infected banner ad at an entirely legitimate site at
some point in the last two years.

My understanding is that the hosts file also may list hosts whose entire
content is malware--the places where links in spam email take you, for
example.

I'll say parenthetically that I don't use the hosts file myself, and I don't
know the answer about the performance issue--but I suspect that it is
manageable. I guess if my office had been using the hosts file two years
ago, we might never have seen the virus alert from that infected banner ad.
And, if our antivirus vendor (Microsoft) had not been on the ball, we might
also have not seen that alert--and been infected!



"VanguardLH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Anonymous Bob wrote:
>
>> The primary purpose of the hosts file has evolved over the years and now
>> is
>> used to block malicious sites.
>
> When did ads become malware? Most the folks that I've read their posts
> that are using the hosts file are using it to block ads. You actually
> know of Doubleclick spreading malware?

Anonymous Bob wrote:

> Please give my respects to Sandi.

Sandi?

"VanguardLH" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Anonymous Bob wrote:
>
> > Please give my respects to Sandi.
>
> Sandi?

Sandi is the blogger MSMVP at spywaresucks and spends her time hunting down
sources of infections from rouge ads.
http://msmvps.com/blogs/spywaresucks/