HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, + make it "fun to do"

Old 04-07-2008, 02:28 AM   #41
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default APK Hosts File Grinder 4.0++: For those that use a HOSTS file for security & speed!

For those of you interested in using custom HOSTS files (for BOTH added security & added speed online)?

"APK Hosts File Grinder 4.0++"





----

The application above has been built by myself, for folks just like YOU, & of course, myself!

----

It allows you the end-user, the ability to:

1.) DO very EASY Integrating the HOSTS files of others, such as MVPS.ORG & others noted @ wikipedia, here -> http://en.wikipedia.org/wiki/Hosts_file (even if in other internal line-by-line formats) "scrubbed into" the MOST EFFICIENT format there is (allowing less memory &/or disk space occupancy for loading, of 0<singlespace>URL<cr+lf> ), first, & then..

2.) Speed up access to your fav sites, via 1st pinging them (so their IP Address IS up-to-date/current), & adding them to the normalized non-repeat line items list on the right above

3.) Add/remove sites from a hosts file, but by first checking for their pre-existence inside the HOSTS file on ADDS, & rejecting if there already (& adding if NOT present)

4.) Lastly, it will FULLY NORMALIZE (accurately 110%) a HOSTS file (normalize = removal of duplicates)...leaving you with one in the MOST efficient format line-wise there is (noted above, which consumes less memory & faster loadtime from disk)

----

It has allowed me to:

A.) Take valid HOSTS file data from EVERY known & respected HOSTS file there is (noted from the wikipedia link above, & also from SRI, Shadowserver, Dancho Danchev's Blog, SpyBot S&D, Spamhaus, Phishtank, + others also, such as my own research into this area), & integrate them FIRST into a HUGE 20mb file, & then via normalization, reducing its size to 12mb on disk (removing repeats which they will have between one another & sometimes inside of themselves even), reduce its size that way (1/2 the initial size almost from all that data), first...

B.) It has also made a 12mb SUPER-COMPREHENSIVE custom HOSTS file out of an initially 20++ mb sized one, from the sources above... allowing the SAME function as they offer (because their HOSTS FILES' many times using 127.0.0.1, or, 0.0.0.0 formats, instead into a MORE EFFICIENT ONE, of 0<singlespace>URL<cr+lf>)... thus, MASSIVELY reducing its size on disk & in RAM once loaded into your local DNS cache, yet offering the SAME function!

C.) Create a CUSTOM HOSTS FILE loaded with FULLY alphabetized entries into your HOSTS file (so it is easy to search thru, even via notepad.exe).

-----

* It can do the same for you as well, should you be interested in such a tool... if you are? Email me, here:

apk4776239@hotmail.com

APK

P.S.=> General statistics on it, while in operation:

700k-5900k memory occupancy prior to load of HOSTS file data...

( & up to 167mb IF a "huge" hosts file (like 1 million++ line entries) is used)

Its runtimes (noted above) will vary, depending on the size of the HOSTS file being processed (should NOT exceed 3 hrs (&, for most folks, since they do NOT have files of such size in their HOSTS file? Heh, it will be the "blink of an eye" on most all sections (scrub, add/remove entries - validate entries, normalization-removal of repeated items, & save to disk) up to 2 minutes or so)

PLUS - It was built in the MOST efficient & fastest code combination I know of (Borland Delphi 7.x, Win32 API, & Inline Assembler code)

(Especially for this type of string processing (of which Delphi alone in math & strings often MORE THAN DOUBLED (sometimes, tripled) the speed of both MSVB & MSVC++ in, in (of all places) Visual Basic Programmer's Journal Sept./Oct. 1997 issue "INSIDE THE VB COMPILER" issue))

+

A truly "SUPER-EFFICIENT" algorithm, on each area of processing (especially normalization, taken down from DAYS time over 1 million++ records, to only 3 hours time max, if no repeats exist... if repeats? Far, FAR faster!)

Which speaks worlds alone right there... this app makes FAR shorter work of this, than does using ping.exe (for speedup of sites), MsAccess (via SQL Select Distinct queries work, & the potential import/export hassles it can have (leaving trailing spaces &/or quotes for example, bloating files on export)), & notepad.exe (good luck normalizing one using its Edit-Replace menus is all I can say... especially IF you have a BIG hosts file)... apk
__________________
"I'm Reese: Sgt. TechComVN38416 assigned to protect you - You've been TARGETTED FOR TERMINATION!"
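
The scrub, normalize and add-if-absent steps listed in the post above, as an added Python example (not APK's Delphi tool or its algorithm). The function names, the conflict rule and the sample lines are assumptions made for illustration.

```python
import re

# Addresses blocklists use as a sink; "0" is the short form the post prefers.
SINK_ADDRESSES = {"0", "0.0.0.0", "127.0.0.1"}
# Loopback names keep their real mapping and are never rewritten to the sink.
LOOPBACK_NAMES = {"localhost", "localhost.localdomain"}
LABEL = r"[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?"
HOSTNAME_RE = re.compile(rf"^(?=.{{1,253}}$){LABEL}(\.{LABEL})*$")


def parse_line(line):
    """Return (address, [hostnames]) for one HOSTS line, or None if it holds no entry."""
    body = line.split("#", 1)[0]               # drop comments
    tokens = body.replace('"', "").split()     # drop stray quotes and extra spaces
    if len(tokens) < 2:
        return None
    names = [t.lower().rstrip(".") for t in tokens[1:]]
    return tokens[0], [n for n in names if HOSTNAME_RE.match(n)]


def normalize_hosts(text, sink="0"):
    """Merge raw HOSTS text into sorted, duplicate-free "address name" lines.
    Returns (lines, conflicts). A conflict is a name that is both blocked and
    mapped to a real address; this example keeps the real mapping and reports it.
    """
    blocked, pinned = set(), {}
    for raw in text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        address, names = parsed
        for name in names:
            if name in LOOPBACK_NAMES:
                pinned.setdefault(name, "127.0.0.1")
            elif address in SINK_ADDRESSES:
                blocked.add(name)
            else:
                pinned.setdefault(name, address)   # first mapping wins
    conflicts = sorted(blocked & set(pinned))
    blocked -= set(pinned)
    lines = [f"{pinned[n]} {n}" for n in sorted(pinned)]
    lines += [f"{sink} {n}" for n in sorted(blocked)]
    return lines, conflicts


def add_entry(lines, name, address="0"):
    """Append an entry unless the name already exists; return True if added."""
    name = name.lower().rstrip(".")
    if any(line.split()[1] == name for line in lines):
        return False
    lines.append(f"{address} {name}")
    return True


# Constructed sample: two merged lists with mixed formats, repeats and a conflict.
SAMPLE = """\
127.0.0.1 localhost
# list A
127.0.0.1  ads.example.com   # banner server
0.0.0.0 Tracker.Example.NET ads.example.com
"0 ads.example.com"
0.0.0.0 intranet.example.org
192.0.2.10 intranet.example.org
"""

if __name__ == "__main__":
    out, clashes = normalize_hosts(SAMPLE)
    print("\r\n".join(out) + "\r\n")       # CR+LF line endings, as the post describes
    print("conflicts:", clashes)
```

Reviewing the reported conflicts before deploying a merged file shows where a blocklist and a locally pinned address disagree about the same name.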
Old 08-07-2008, 09:47 PM   #42
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default

Quote:
Originally Posted by floppybootstomp
Hello.

Do you really think anybody's going to read all those posts?


Well, funny YOU should ask THAT: Considering this post has only been here roughly 45 days (not even that), & it's your MOST VIEWED in that timeframe !

(Data that backs my statement here is easily obtainable via the selection boxes fields of SORTED BY, SORT ORDER, & TIMEFRAME fields your forums has)

Soooo... that OUGHT to be "self-explanatory" by that point (645 views in less than 45 days - nothing else in that timeframe in this forums section even comes CLOSE to that level of views)...



* Additionally/once again: I can literally also show you MANY forums online (I posted this all over the web from 6 months ago to present day, your forums here being amongst the last in fact) where this very post (title is ALWAYS the same -> "HOW TO SECURE Windows 2000/XP/Server 2003" <- By searching that quoted phrase on GOOGLE, you can see this statement of mine has factual basis as well) was made either a:
  • STICKY/PINNED Thread
  • 5/5 Star-Rated Thread
  • Essential Guide
On 15/20 forums it was featured @/posted on...

HECK: 1 website even PAID ME for this content ($100 January 2008 winner @ PCPitstop.com in fact), when I won its monthly prize for that in fact, on my very first posting there no less...

APK

P.S.=> Also, I can quite literally & QUICKLY show many forums where folks DID employ this material, to GOOD effect no less (no more security hassles that I know of)!

As well as showing that I DID HELP FOLKS THRU VARIOUS SECTIONS THAT "CONFUSED THEM" as well... when asked to do so.

E.G.-> This site, see Thronka, midweskid, &/or AlexStarFire + their questions (& more importantly, their results):

http://forums.guru3d.com/showthread.php?t=246538&page=5

There, thru @ least 4 folks thru its pages, I helped them thru issues they had implementing CIS Tool's suggestions list...

(For AlexStarFire, in particular? This resulted in the ABSOLUTELY HIGHEST SCORE I HAVE EVER SEEN FROM A WINDOWS USER no less (on XP, I use Windows Server 2003 SP #2 fully hotfix patched, which has been noted as "the most secure Windows to date" from various sources))... apk
Old 15-07-2008, 01:13 AM   #43
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default

Quote:
Originally Posted by floppybootstomp
Ok, mon ami, I guess you have an agenda


A very GOOD one, to help others NOT get 'suckered' out online... where it might cost them their credit rating (or, other "identity-theft" related crap).

Quote:
Originally Posted by floppybootstomp
I haven't seen any blatant advertising


Nothing to "advertise", or sell etc. et al... just good advice, for those that are willing to take it, & are patient enough to examine all of this. I can't make it any shorter, w/out adversely impacting crucial details or examples etc. et al!

(&, For nothing/gratis/nada - "outta the goodness of my heart", lol, well... actually, to satisfy my "New Year's Resolution", of "DO A GOOD DEED"... so far, so good too!)

Quote:
Originally Posted by floppybootstomp
just some extremely frantic advice, so I shall leave this thread be


No, please... don't "leave it alone"!

E.G.-> It would be nice, for example, IF you & yours here can find ANY "weaknesses" in this content, instead!

(Please - let us ALL know if you or others here can...)

I credit those who do in its content (if you read it that is, you will see) across any forums where I am still able to edit it (not all forums allow this unfortunately, though some gave me MOD/ADMIN powers to do so on them)...

I actually INVITE any of you to "frantically" find any holes in this content (better yet, to ADD something NEW to it maybe, that I missed), so others can gain by it (even myself)...



* Thanks!

APK

P.S.=> Funniest part, I have noted? Is that Ms-MVP's even gave me a 'hard time' about some of the content (such as the VIRUS REMOVAL section)... & even NIST recommends & has that in THEIR guides... so much for "MS-MVP's", eh?

The folks that have helped the most, in finding 'weaknesses' or 'omissions' on my part in this guide? Have been "regular joes" from forums, 3 of them thus far of nearly 125,000 views across 15 forums this is on... oddly enough!

Maybe a "more fresh pair of eyes" (one less 'programmed' lol), is better here... get someone to 'think outside the box' (cliche, but fits).

Especially, vs. the "so called experts" (most of which I have LITTLE respect for, as most of them such as the "Ms-MVP's" I noted earlier? Can't even code, & w/out that? I truly believe you are NOT "reading music", you're @ best, using "tablature"... music folks will KNOW what I mean there)... apk

Last edited by APK : 15-07-2008 at 02:50 AM.
Old 15-07-2008, 01:32 AM   #44
Waynos_Face
New Cruncher
 
Join Date: Apr 2008
Location: Birmingham
Posts: 1,458
Trader Rating: (4)
Default

Simply WOW, that's a lot of information, I will admit I skimmed through it, but then went back and had another read, if someone wants to hack onto my PC then fine, but they won't find anything very interesting or worthwhile.

Oh, if that's you in the picture, I love your hair! (I am not being sarcastic).

And I don't think anyone here calls themselves an expert, or do they?
Old 15-07-2008, 01:40 AM   #45
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default

Quote:
Originally Posted by Waynos_Face
Simply WOW, that's a lot of information, I will admit I skimmed through it, but then went back and had another read, if someone wants to hack onto my PC then fine, but they won't find anything very interesting or worthwhile.


Well, nowadays, they're not just after "wrecking your rig" etc. et al, they're after YOU... mainly your cash, or credit, etc. et al (it's now a "money game" man, the serious kind, really).

Take your time though, & run the CIS Tool @ least... that is the "main focus" of this... to make DOING this, easier (& actually, a bit of fun... that is, if you like things like benchmarks, because basically, it IS a 'benchmark of security' really).

Taught me a "trick-or-two", & I've been @ this field professionally for nearly 16 yrs. now (maybe 25 years TOTAL time though)

Quote:
Originally Posted by Waynos_Face
Oh, if that's you in the picture, I love your hair! (I am not being sarcastic).


It's STILL that way, only a bit longer now... time to cut it, tomorrow... oh well!



Quote:
Originally Posted by Waynos_Face
And I don't think anyone here calls themselves an expert, or do they?


Nope, didn't see that... nor do I expect it!

I am only noting that 'regular folks' did a BETTER JOB than even known 'security experts' did in finding 'holes' in this guide... so far, 3 regular guys have (not comp. sci. experts either, just sharp cookies, found 3 things I omitted, & thus, I credited them... that goes, in my book, where it's due is all).

SO - if you read this, I had 1 such fellow (securityfocus.com guru) review this & he did not note or find what others, 'regular forums folks' had...(SO, so much for "experts", eh?)

APK

P.S.=> A 'pretty terrifying concept' is in my next post... take a read, & know why I recommended now, for years, turning off OR limiting the usage of things like javascript/java/activex etc. et al... this one's worse though, by far, imo @ least! apk
Old 15-07-2008, 01:41 AM   #46
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default ANOTHER REASON TO LIMIT THE USAGE OF JAVA/JAVASCRIPT (etc.) ONLINE today

Researcher to demonstrate attack code for Intel chips:

http://www.infoworld.com/article/08...el_chips_1.html

SALIENT/PERTINENT EXCERPT:
----------------------------------------------------
"Kaspersky says CPU bugs are a growing threat, with malware being written that targets these vulnerabilities... Security researcher and author Kris Kaspersky plans to demonstrate how an attacker can target flaws in Intel's microprocessors to remotely attack a computer using JavaScript or TCP/IP packets, regardless of what operating system the computer is running."
----------------------------------------------------

* Now can anyone see WHY I recommended turning off Java/Javascript (& other browser addons/extension languages) for "every site you use under the sun" + IFrames too?

There are more examples inside this guide, & of this SAME type of idea (crank off the java/javascript etc. et al & ONLY keep it active on sites you ABSOLUTELY need it for, to have the site function properly - lessening your potentially attackable surface online basically).. heck, even adbanners have exploits of this nature in them lately...

The examples I put in this guide ARE far older too, dating back 1-3 yrs. but the point is only here, again, & moreso (far more dangerous this time, imo @ least)...

APK

P.S.=> TRY TO THINK OF IT, THIS WAY (for laughs):

Hey, see my signature?

Think of me saying that to you, except giving you a "phased plasma rifle w/ 40 watt-range" to work with, via this guide, vs. these machinations...

(... & good luck, + score well on CIS Tool, it's a good start (the rest of what I add, ontop of CIS Tool's stuff, the "industry best practices" type stuff (which IS good, + works) helps a lot more - staying safe(r), online, though some may be considered "radical" & overdoing it, there is no such thing... along w/ some "common-sense", of course!).

1-2 hrs. of your time, for years of uptime + stability, into the distance... apk

Last edited by APK : 15-07-2008 at 02:47 AM. Reason: Adding detail
Old 29-08-2008, 05:07 PM   #47
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default Have @ it, guys: FINAL version (of your "IRON MAN ARMOR ONLINE", in essence)... apk

Well, @ this point?

I think this guide's PRETTY SOLID, because nobody has been able to "add points" to it, from across 27 other forums online (many are "serious geek" oriented sites too)!

(... & the fact that some folks from "THE PLANET" (a large website & hosting provider online) offered to hire me on as a remote security specialist @ this point (pretty cool) for Win2k3 servers they use, as well as what appears to be their personally managed or owned sites also (KTInteractive)).

In any event?

@ People Reading:


This IS your "Iron Man Armor Online"!



So, have @ it ('snap it on') - & enjoy a F A S T E R, & FAR MORE S E C U R E online setup on your Windows NT-based OS' of today (Windows 2000/XP/Server 2003 & yes, even VISTA to a good extent) via applying CIS Tools' suggestions & my own that "layer ontop of it"...



* I am FAIRLY certain it's done - As I can't think of any more points & methods to secure your Windows NT-based rigs, & thus, I close this post off... she's all done as far as I am concerned... this same message will go across ALL others like it that I am still able to edit/add to online, @ some point today in fact.

APK

P.S.=> Sorry for the 'closing note' but, if anyone's interested, this is the "final model" of this guide & its points... enjoy! apk

Last edited by APK : 31-08-2008 at 01:00 AM.
Old 30-08-2008, 02:41 PM   #48
Abarbarian
Acruncher
 
Join Date: Sep 2005
Posts: 5,971
Trader Rating: (5)
Wink

Quote:
Originally Posted by Waynos_Face
And I don't think anyone here calls themselves an expert, or do they?


I am. 99% of the time I goof when posting so I guess that makes me an expert goofer.

__________________
Sir Arthur Conan Doyle-The Sign of Four
“My mind,” he said, “rebels at stagnation. Give me problems, give me work, give me the most abstruse cryptogram or the most intricate analysis, and I am in my own proper atmosphere. I can dispense then with artificial stimulants. But I abhor the dull routine of existence. I crave for mental exaltation. That is why I have chosen my own particular profession, — or rather created it, for I am the only one in the world.”

"There's a saying in Estonia that in order to see new things, you have to follow common paths - paths you know."
Old 30-08-2008, 11:46 PM   #49
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default Well, to keep on my "IRON MAN" theme?

Quote:
Originally Posted by Abarbarian
I am. 99% of the time I goof when posting so I guess that makes me an expert goofer.


"JARVIS? Sometimes, you gotta RUN... before you can walk!" - TONY STARK (IRON MAN)



APK

P.S.=> Life's ALL about that, so you take it, "skinned knees & all"... the best things I've found that I've learned, often CAME @ the price of my own mistakes (they're the "lessons" I never forget in fact, personally - it's that way, with a "punch in the head", don't ya think? I do @ least)... apk
Old 14-12-2008, 08:04 PM   #50
APK
Member
 
Join Date: May 2008
Location: A discrete point in the space-time continuum
Posts: 63
Trader Rating: (0)
Default Ms missed a patch on 12/09/2008 "Patch Tuesday": Let's patch it ourselves instead!

Microsoft missed patching a KNOWN issue on this literally BIGGEST Ms-Patch Tuesday to date on 12/09/2008 (most bugfixes issued ever by Microsoft, & to close off year), & then?

Read here below to get the details, + past that, to patch yourself easily with an easy fix I figured out:

----

Oops! Missed One Fix — Windows Attacks Under Way:

http://it.slashdot.org/comments.pl?...93&cid=26072169

----

&

----

Microsoft warns of new Windows bug, says attacks under way
(WordPad Text Converter flaw wasn't patched in big Tuesday update):


http://www.computerworld.com/action...ticleId=9123100

----

What is below, courtesy of "yours truly", fixes it!

(Simply by altering the file association for the Explorer/IE shell from WordPad.exe to winword.exe (it's immune to this, & Ms-Word handles old Windows 3.x & NT 3.5x Ms-Write .wri files, just fine...))

.REG FILE TO USE IF YOU USE WinWord 2003/Ms-Office 2003 (easily altered for 2000/XP/2008 versions):

----

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.wri]
@="Word.Document.8"
"Content Type"="application/msword"

[HKEY_CLASSES_ROOT\.wri\PersistentHandler]
@="{98DE59A0-D175-11CD-A7BD-00006B827D94}"

[HKEY_CLASSES_ROOT\.wri\Word.Document.8]

[HKEY_CLASSES_ROOT\.wri\Word.Document.8\ShellNew]
"FileName"="winword8.doc"

----
1.) Paste what is between the dashed lines only above, into notepad.exe
2.) Save it as TYPE "All Files", & on disk as APKMsWordPadBugFix.reg
3.) & then open it using regedit.exe. It will ask if you want to merge this registry file. Do so.

(That's a fix before Ms issues a fix, because it changes the .wri file extensions' file association from opening in WordPad.exe if you click on any bogus files sent your way, hopefully not, but just in case, & the shell will spawn the process as Microsoft Word, which is immune to this in most modern versions of it, if not all versions)

A simple to do, easy fix for anyone, even before MS issues a fix...

POTENTIALLY/POSSIBLY IMPORTANT:

IF you have versions of Ms-Office (Ms-WORD specifically), other than 2003?

You MIGHT have to change "Word.Document.8", wherever it appears above, to whatever version number yours is, along with the GUID used to do the OLEServer library marshalling/summoning of Word to open .wri files with, instead of Wordpad.exe (& that's found in the .doc file association under -> HKEY_CLASSES_ROOT, easily enough)...

APK

P.S.=> "We can do this... We HAVE the technology!", lol, too bad MS didn't, talk about easy, I don't see HOW they could have missed this IF it was a KNOWN issue that came up before "Patch Tuesday" 2 days ago, I thought of it in literally 2 seconds, & took maybe 2 minutes to make the file & test it, it works... apk