Question on using the hosts file
 

Just resurrected an older laptop and testing it out. I noticed that one particular site was downloading a bunch of ad-related stuff, and I thought, "Of course! I never put in the hosts file."

I couldn't find the one I had been using (~650K) so I googled around and found one from Malwarebytes. I figured these guys ought to know what they're doing, so I downloaded it and installed it. 30 megs. Are you kidding?

Anyhow, I picked an entry at random (let's call it www.dumbsite.com) and put that address in the browser. What I expected to happen was nothing - it would find the entry in the hosts file, try to connect to myself (127.0.0.1) and that would be it. Instead, it went to the site.

So ... I'm probably misunderstanding how this stuff works (nothing new here, folks).

1. Does it matter which browser I use (IE, Chrome, Opera)?

2. Is that how it really works? It first checks the hosts file, then the internal dns cache and then sends out to the ISP's DNS server. If not, what's going on here?

Is the entry in the hosts file to dumbsite.com or www.dumbsite.com? For the type of test you're doing (i.e. via web browser) it's important that you specify the name exactly as it appears in the hosts file. And some browsers will try to "do the right thing" and prepend a www to the name.

Also, if your browser is configured to use a proxy, the hosts file will essentially be ignored.

Using the hosts file for ad blocking has always seemed silly to me. It's really not designed for this. How about just using ....... Plus or a similar plugin? Also, OpenDNS will automatically filter out known malware domains. The best part about both is that you don't have to update their lists, like you would with a hosts file.

I've only used the hosts file for pranks. #2 in your post is pretty much correct as to how it works.

What OS? To make sure you have the right path to file...

In most OSes, the format is:

127.0.0.1 dumbsite.com
127.0.0.1 anotherdumbsite.com

You should be able to use ping or nslookup to verify that it works. In Windows and most *nix systems and on OS X it's effective as soon as you save the file.

Browser doesn't matter.

Windows 7 and XP.
The format is correct.
I tried pinging (command prompt) using the exact spelling as in the file and it substitutes the appropriate alias (if necessary), fills in the proper IP address, and proceeds to ping the right guy and get a response. Nslookup finds the right guy, too. Clearly it seems to be ignoring the file or I'm misusing it.

What is the full path to the file your hosts file? Did you accidentally save it as .txt or something?

Contrary to what I've been told, I did a reboot - at that time, the hosts file was read in, and now everything on the list winds up being unreachable (according to ping).

Which is what I wanted.

I generally put my computers to sleep rather than shut down, so I got out of the habit of rebooting. :)

that's weird, I don't have to reboot with win7. Changes to the hosts file are applied immediately. I just tested it with yahoo.com, entry in the file, ping used that, entry not in the file, ping used dns. No reboot, just edit the file.

I wonder if there's a policy for it somewhere, similar to nsswitch.conf?

Yeah, there is, post #2 in this thread:

http://h30499.www3.hp.com/t5/Systems...8#.VPHCl1PF-Qw

My values were the same as what he reported. Are yours different?

-David

Yeah, ....... updates automatically. Using the hosts file is something you have to update manually.

Yeah, that's because you're still running XP. Maybe if you submit a help ticket with MS, they'll fix it. :)

Alternatively, you could use: ipconfig /flushdns to flush the dns resolver cache.