Tag Archives: hosts file

Domain Blacklist

Currently, I’ve been using Pi-hole as a means of blocking ads, malicious websites, and other undesirable things in my own personal network. My Pi-hole setup is blocking 1,702,945 domains, so it can be a way of saving bandwidth and helping fellow network users on my network avoid known blacklisted malicious websites. Granted, it is not perfect and it will always be a game of cat and mouse, especially with methods like this, when it comes to blocking domains. But if you’re looking for a small weekend project for your home or small office, I strongly recommend looking into Pi-hole. It’s a better means of blocking in my opinion than the hosts file method especially with fixed location desktop computers (although, on a side note you could VPN into your network with mobile devices and still use your own personal Pi-hole). With that being said, I’m hosting another huge blacklist of domains/IPs on my google drive, in two formats. One only has the hosts, and the other has a hosts file format (i.e. 127.0.0.1     BadWebsite.com):

HostsOnly (28.1 MB) – sha1sum – 34a86bcb2b4dba37818fd7de39252b342b9c2f6d

https://drive.google.com/open?id=0BxZG1yRxL_q4aVlNU3N3eVhyRTQ

HostsLoopback (44.4 MB) – sha1sum – e3bdad79c32d7eed3e65c49df5788820e675b78d

https://drive.google.com/open?id=0BxZG1yRxL_q4VTQxRERNVmFkLVU

 

 

Protecting end users by black listing domain names

One of the many programs that I use for Windows to help prevent and remove malware is SpyBot S&D.  One of the methods that SpyBot S&D utilizes, is by editing the hosts file, which for Windows is located at (usually):

C:\WINDOWS\system32\drivers\etc\hosts

About a year ago, I was monkeying around with my hosts file and noticed all the entries put by SpyBot S&D. I thought to myself, “What a wonderful idea.” For those of you who aren’t familiar with the hosts file, please take a gander at this:

http://en.wikipedia.org/wiki/Hosts_file

Ergo, I compiled (well I used quite a bit of from the hosts file that was edited under Windows by SpyBot S&D)a list of offending domains that are usually associated with scams, malware, and/or other nefarious things and put it on my website. I felt that end users who use Linux or even Mac OS X could benefit from editing their hosts file in such a way. Here’s the hosts file:

http://zitstif.no-ip.org/THELIST.txt
MD5sum: 7ec6a57b82d53359c3bcff54d0b1cc62

For *nix end users, if you want to append THELIST.txt on the fly over the Internet via bash shell, give this a try and verify your results as root:

printf "GET /THELIST.txt HTTP/1.0\n\r\n" | nc -vv zitstif.no-ip.org 80 2>&1 | egrep -v 'HTTP|Apache|Date:|ETag:|Accept-Ranges:|Content-|Connection:|Modified:|Connection'  >> /etc/hosts

By doing this, you’ll protect your end users by making the blacklisted domain names unavailable to them. This may not be perfect, but this is one of the many ways you can help prevent identity theft for your end users or even yourself.

More to come.