Internet Security: host file to block Spyware, Malware etc

[mikeslr]

Hi All,

Thanks to rufwoof's post here, http://murga-linux.com/puppy/viewtopic. ... 60#1008060 and the posts which followed the use of host files was explained and links to versions provided.

[Terry H]

This method is built in to all / most /"a lot" of puppies in Pup-Advert-Blocker, that's how it works by populating the hosts file. I generally check all 3 options. My hosts file is 690 KB. An added benefit of using this method is you don't get the nags to whitelist sites, like when using a software adblocker.

[mikeslr]

Hi Terry,

This is not to suggest that Pup-Advert Blocker isn't good nor that it may not be sufficient if that's all you want. But at 690 KB it is neither as complete nor as customizable as some of the Host file sources suggested on the posts following the above link. It may be that Pup-Advert Blocker has been limited to just block advertisements. In contrast, one of the Host file providers linked to, https://host-flash.com/ "Host Flash™ can be used to block porn sites, to block game sites, to block phishing sites, to block social network sites, to block ad servers, to block malicious websites or to block any website of choice".

But be careful of what you ask for. Galbi reports: "Thanks to this script:
https://host-flash.com/
my hosts file now weights 41.5 MiB,
despite that, everything seems to run fine."

As I understand it --and hopefully someone will correct me if I'm wrong-- various volunteers identify the urls of websites considered to be a nuisance or worse and create lists. Host file providers pick, choose, categorize and otherwise manage those lists, and may provide some method by which the user can choose entire categories to 'blacklist' or not, and later 'whitelist' specific sites appearing on a 'blacklist'. When a webpage on a web-browser, any web-browser, seeks to access one of the 'blacklisted' urls, it is redirected by the Host file on your system to a blank file, also on your computer. The process takes less time than if the content of the blacklisted url was streamed to your computer, speeding up the time it takes to display the content you actually sought from the webpage you opened. And as the website of malware 'providers' is never reached, their content never reaches your computer.

At least, that's my understanding. I am by no means an expert. Lest what I believed was an important, eye-opening, discussion got buried, I started this thread after no one took my hint on the cited thread that somebody should.

Also note, however, that many of the 'processes' provided by google show up on some lists. Blacklisting them may prevent you from finding whatever you were looking for. If so, I wonder if employing https://www.startpage.com/ would overcome that.

[8Geee]

Startpage actually shows 3 blocked items in AdBlockEdge.
Not perfect, but low.

DuckDuckGo has about 50

Regards
8Geee

[Terry H]

When you check your network information you have a lo entry which is the loop back for networking. When you enter a URL, the hosts file is checked prior to going to the DNS, as the IP Address is found when checking the hosts file, the browser is happy and it's not necessary to get the IP address externally. The browser is given 127.0.0.1.

From wikipedia https://en.wikipedia.org/wiki/Loopback

[8Geee]

I would also check the Statistics Tab for pathways used !

Regards
8Geee

[musher0]

Hi guys.

Thanks to Galbi and mikeslr for recommending the hosts-flash script.
Excellent concept, that script.

Except, it works too well for me. It's "La Totale", like total sanitation.
For one the online crawler.com RSS gets blocked. I'm a news addict:
you block my favorite online "news stand" and you're out!

The docs say you can modulate hosts-flash, but I haven't got the patience
to "modulate" a 45 Mgs listing.

The hosts file halting google stuff only works well on this xenialPup-706.
At 1.5 Mb, it'll do fine.

BFN.

[linuxcbon]

Hi,

I think the best way is to do it manually, so you have the control and the file is not too big.
A big hosts file makes the browser slower because the browser reads the file line by line and quite often.

Here is a howto :
http://www.murga-linux.com/puppy/viewtopic.php?t=77555

My hosts file is about 1000 lines, it's quite enough.

Cheers

[mikeslr]

The reason I suggested startpage.com is its representation which I can't quote as, apparently, it only displays an image of text when you click down-arrow below "How We Protect You" at the bottom of this webpage, https://www.startpage.com/. Then click the text "How we do it". See the attachment for what I think is the most relevant part. Which really doesn't explain "how". Trade secrets? Or like sausages which you probably wouldn't eat if you actually knew how they were made.

My best guess --humans not really being as inventive as they make themselves out to be-- is a variation of the role played by criminal defense attorneys in negotiating plea deals with prosecutors: Act as a "mouth-piece"/ middle-man. Attorneys can't be forced to reveal what their clients actually tell them. But they can represent what a client is, in the attorney's opinion , willing to say or do. And pass on to their client what the prosecuting attorney is willing to say or do. If startpage.com acts as a middleman it just passes your query on to google (or others?), receives a response and passes it to you. Google only knows the query came from startpage.com.

[mikeslr]

Hi All,

Two other threads you may find helpful:

How to manually block advertisements with /etc/hosts, http://murga-linux.com/puppy/viewtopic. ... 837#619837

how to completely block Google -- Subject description: take back your privacy by blocking domains linked to Google, http://murga-linux.com/puppy/viewtopic. ... 71#1008871