Hosts file to block images

[Hall]

I'm on XP Pro.

I've always used the hosts file to block advertising images to appear in
pages by entering their url with 127.0.0.1.

This doesn't seem to work anymore. Has something changed?

 

[PA Bear]

Has your hosts file changed?

 

[V Green]

Did it perhaps stop working when you
applied SP2?

It probably screwed this strategy over with its
so called "security enhancements".

 

[Paul W]

Maybe the Urls where the ads are, have changed....

I do this as well and this technique still works for me - even after sp2 and
allpatches

 

[PA Bear]

The Urals have ads now? <w>

Maybe the Urls where the ads are, have changed....

I do this as well and this technique still works for me - even after sp2
and allpatches

 

[David Candy]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Database Path tells you what host file it is using.

 

[Hall]

Everyone

I've verified the location of the hosts file and its in
C:\WINDOWS\system32\drivers\etc
which is the only hosts file in the system, and is the correct location
according to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Databa
se Path

Yes, I do update it and it has lines like this
127.0.0.1 ad.linksynergy.com
127.0.0.1 ad.trafficmp.com
127.0.0.1 ad.usatoday.com

And yet images from these urls still appear in IE.

Any ideas?

Thanks!

 

[Modem Ani]

Your situation is an illustration of why the 'hosts file' solution is not,
IMHO, a solution worth pursuing. I say this even though other people would
disagree.

Anyone serving bytes on the Internet can and will use multiple domains and
IP addresses and will change them at will. Your hosts file needs to be
constantly updated and will always be one step behind, like a dog chasing
its tail.

Modem Ani

 

[Gary Smith]

But do you also have

click.linksynergy.com
ssl.linksynergy.com
images.trafficmp.com
ads.usatoday.com
c.usatoday.com
viewer.usatoday.com

and any other host names they may have dreamed up to serve ads? Those
were all in the MVPS HOSTS list published on 6-28-2004.

Everyone

I've verified the location of the hosts file and its in
C:\WINDOWS\system32\drivers\etc
which is the only hosts file in the system, and is the correct location
according to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Databa
se Path

Yes, I do update it and it has lines like this
127.0.0.1 ad.linksynergy.com
127.0.0.1 ad.trafficmp.com
127.0.0.1 ad.usatoday.com

 

[David Candy]

Most people don't visit every web site. I only have two sites I care about. I spend 5 minutes several times a year updating my hosts.

 

[Hall]

Gary, I've got a long list in my hosts file, which yes came from this
source.

Unfortunately, no one's able to point out a possible cause for why
technically this isn't working anymore...

 

[David Candy]

What happens when you type

tracert ad.linksynergy.com

--
----------------------------------------------------------
http://www.uscricket.com

Gary, I've got a long list in my hosts file, which yes came from this
source.

Unfortunately, no one's able to point out a possible cause for why
technically this isn't working anymore...

 

[frodo]

don't use a hosts file for this purpose, there are better solutions:

www.privoxy.org

VERY technical, but simple too! The default settings work like a charm
and most users will never need to do anything further. But if you want to
you can dig into the docs and tailor it even further.

 

[PA Bear]

That source (MVP Mike Burgess) updates the hosts file several times a month.
Do you have the most recent one?

 

[Gary Smith]

One possible cause is that linksynergy may be using a server name such as
ad2.linksynergy.com that you don't have in your list. They can make them
up as fast as you can discover and block them.

 

[Gary Smith]

HOSTS files can't block IP addresses ay all, much less ranges of
addresses. What they actually do is to assign a host name to a particular
IP address. You can block a specific host by assigning its name to
127.0.0.1, but you have to do that for individual host name you want to
block: ads1.badguy.com, ads2.badguy.com, junk.badguy.com, and so on.
Tomorrow Mr. Badguy changes the names of all of his servers, and he's
unblocked again until you notice and adjust your HOSTS file. There's no
way to win that game.

 

[Guest]

Microsoft did something misguided in a recent update. I came here to try to
resolve the problem only to find that nobody seems to know what it is.

Internet Explorer is overriding the hosts file when you are online. Now it
only honors the hosts file when you are offline. It is overriding the TCP/IP
services, and going straight to the offending site. Ping, tracert, mail, and
other browsers honor the hosts file.

For me this is a killer because I override all of my web sites with
dev.(domain).ca going to localhost, so I can edit sites. However, if my
computer is ONLINE then I can't access the local server.

Unfortunately, the ONLY work-around I have found so-far is to use another
browser like Firefox. I have been working so hard to avoid that.

If anyone knows an ACTUAL solution to this, I would appreciate a note at
(e-mail address removed) thanks.

-Don

 

[Malke]

Microsoft did something misguided in a recent update. I came here to
try to resolve the problem only to find that nobody seems to know what
it is.

Internet Explorer is overriding the hosts file when you are online.
Now it only honors the hosts file when you are offline. It is
overriding the TCP/IP services, and going straight to the offending
site. Ping, tracert, mail, and other browsers honor the hosts file.

For me this is a killer because I override all of my web sites with
dev.(domain).ca going to localhost, so I can edit sites. However, if
my computer is ONLINE then I can't access the local server.

Unfortunately, the ONLY work-around I have found so-far is to use
another browser like Firefox. I have been working so hard to avoid
that.

If anyone knows an ACTUAL solution to this, I would appreciate a note

(email snipped)

I haven't seen this problem with any of the MS updates on any of my
Windows boxen or on any of the very many clients' computers I have
worked on. It actually sounds to me like you have something like Spybot
Search & Destroy's Internet Explorer protection enabled. Any
third-party programs like that? Norton Internet Security? Any
third-party firewalls that might be protecting the hosts file?

Oh, and don't post your real, unmunged email address on Usenet and
messageboards. It will get harvested by spambots. Here's a link
explaining how to munge:
http://www.mailmsg.com/SPAM_munging.htm

Malke

 

[Guest]

Thanks Malke,

I have seen this on several support forums, including this one.

I found the problem. Actually, it turns out that IE now does some
interresting new checks (including tests for Windows 2003 IIS ) before
honoring the hosts file if you are online. These tests only occur with IE and
they only occur when you are online and only happen if you have
"automatically detect settings" set "on" in Internet
Options->Connections->Lan Settings. It also totally ignores the precidence
settings of hosts/dns/lmhosts etc in the registry.

Strangely, some of the problems seem to be related to the last date I ran
officeupdate!

Turning off "automatically detect settings" fixed all of the problems,
including checking for wpad.dat to determine if it is a valid proxy of the
site.

Btw: Thanks for the email tip. I wasn't sure if this was usenet or a
microsoft private site, but I always use a disposable email address that will
be blacklisted once it gathers spam.

 

[Malke]

Thanks Malke,

I have seen this on several support forums, including this one.

I found the problem. Actually, it turns out that IE now does some
interresting new checks (including tests for Windows 2003 IIS ) before
honoring the hosts file if you are online. These tests only occur with
IE and they only occur when you are online and only happen if you have
"automatically detect settings" set "on" in Internet
Options->Connections->Lan Settings. It also totally ignores the
precidence settings of hosts/dns/lmhosts etc in the registry.

Strangely, some of the problems seem to be related to the last date I
ran officeupdate!

Turning off "automatically detect settings" fixed all of the problems,
including checking for wpad.dat to determine if it is a valid proxy of
the site.

Btw: Thanks for the email tip. I wasn't sure if this was usenet or a
microsoft private site, but I always use a disposable email address
that will be blacklisted once it gathers spam.

I'm glad you got it sorted. Thanks for taking the time to post the
solution since this will help others in the future. Yes, these are
public Usenet newsgroups hosted on Microsoft servers, propagated out to
other news servers.

Malke