1 recommendation |
hostofpartie
Anon
2015-Jan-24 11:06 am
www or not in host file?I've been looking into possibly using a hosts file, but the answer to this question will affect how I use it: Does www matter? For example, are the following 2 lines equivalent?:
127.0.0.1 somerandomsite.com 127.0.0.1 www.somerandomsite.com |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
camper
Premium Member
2015-Jan-24 11:18 am
said by hostofpartie :For example, are the following 2 lines equivalent?:   Those two lines show two different host names that have the same IP address. They are not equivalent, they may point to the same physical host, but they are not equivalent. In my nginx (web server) configuration files, I have to put configuration entries for both names because I defined both in DNS. If I wanted, I could have www.example.com and example.com on the same IP address, yet point to a different websites. Not all sites are configured this way. For example, look at www.postfix.org and postfix.org |
|
dave Premium Member join:2000-05-04 not in ohio |
to hostofpartie
The hosts file translates names to addresses (and vice-versa). You have two different names for the same address.
Presumably this is using the name translation mechanism to 'block' access. Which one is 'right' depends on what you're trying to block access to: somerandomsite.com or www.somerandomsite.com. |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI 1 edit |
to hostofpartie
As already said, they are NOT equivalent. It's also unfortunate hosts files cannot do any kind of wildcards. Too bad *.somerandomsite.com is invalid and matches nothing or hosts files could be much smaller. |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
to hostofpartie
Both of those are perfectly acceptable without too much duplication of those. Note from many threads on the subject: quote: Important Note: The HOSTS file now contains a change in the prefix in the HOSTS entries to "0.0.0.0" instead of the usual "127.0.0.1".
|
|
4 edits |
to hostofpartie
said by hostofpartie :I've been looking into possibly using a hosts file, but the answer to this question will affect how I use it start by looking at this webpage: » winhelp2002.mvps.org/hosts.htmit has some general information about using a HOSTS file.. you also can download the "winhelp2002" HOSTS file from there.. i recommend using the "winhelp2002" HOSTS file.. it is very good while not being super-bloated.. depending on how big your HOSTS file is, you might not need to disable the "DNS Client" service, in window's "services".. disabling the "DNS client" service doesn't hurt anything, at least not as far as i know.. i also recommend using funkytoad's "hostsxpert" to manage your HOSTS file.. you can download it from here: » www.snapfiles.com/downlo ··· stsxpertfunkytoad's website has shut down, so it is not possible to download their programs from there anymore.. another one of their program's that i use is "homer".. i don't really know how to describe "homer" other than to say that it is a "web-server".. i think that is what it is called.. anyway, with "homer" running, you can set it to display a single 1X1 pixel (a white pixel) and, then, instead of seeing "page cannot be displayed" splashed all over webpages, when something is blocked by the HOSTS file, you don't see anything-unless a whole webpage is blocked, is that case you would either see a blank white page or a black page with a white dot in the middle of it.. since "homer" cannot be downloaded from the "funkytoad" website, i will upload it for you, so that you can download it.. here is a link for downloading "homer": » app.box.com/s/vb799oqrzt ··· nx5q5l5h |
|
19579823 (banned)An Awesome Dude join:2003-08-04 |
to siljaline
quote: Important Note: The HOSTS file now contains a change in the prefix in the HOSTS entries to "0.0.0.0" instead of the usual "127.0.0.1".
I have used 0 for years.... |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
You mean since Windows 8 required the "0.0.0.0" prefix, that's a few years M8 |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI |
I manually changed to 0.0.0.0 which works better in Linux a few years before MVPS made that change. It was great when they did - saved me a step. |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC
2 recommendations |
MVPS Hosts was updated via way of » Security Product Vendors |
|
shearerNorthern Lights Premium Member join:2002-06-18 Asia |
to siljaline
Re: www or not in host file?Important Note: The HOSTS file now contains a change in the prefix in the HOSTS entries to "0.0.0.0" instead of the usual "127.0.0.1". What's the advantage of using 0 instead of 127.0.0.1 ? |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2015-Jan-25 9:02 am
Likely very little, if you're not running a local web server. All-zero is either (a) illegal in a connect, or (b) taken to mean 'self'.
If (a) it might fail a few microseconds faster. Otherwise, no difference. |
|
19579823 (banned)An Awesome Dude join:2003-08-04 |
19579823 (banned)
Member
2015-Jan-25 9:50 am
Ya I noticed years ago Dave when I changed it to 0 it was faster.. |
|
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
to dave
Re: www or not in host file?To borrow from Dave Letterman - I don't get what any of that means From the MVPS site and via discussions with Mike directly: Important Note: The HOSTS file now contains a change in the prefix in the HOSTS entries to "0.0.0.0" instead of the usual "127.0.0.1". This was done to resolve a slowdown issue that occurs with the change Microsoft made in the "TCP loopback interface" in Win8.1. IOW - the changes in Win 8 forced the hand to comply across the board. |
|
KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ |
to Bill_MI
no wildcards allowed seems like bad programming IMO. Admin time savings alone by being able to do *.domain.com would be great |
|
siljalineI'm lovin' that double wide Premium Member join:2002-10-12 Montreal, QC |
The IE Restricted Sites Zone accepts *. wildcards but not a Hosts file. |
|
dave Premium Member join:2000-05-04 not in ohio 1 edit
3 recommendations |
to Kearnstd
said by Kearnstd: seems like bad programming IMO You are rewriting history and claiming that a mechanism that fulfilled its design intent perfectly well, and which you're now using for something entirely different, is bad programming. It's too bad if a hammer doesn't suit your purposes for inserting screws, but that doesn't mean the hammer is badly designed. 'hosts' is one of a set of files -- see also networks, services, protocols -- that are simple name-to-number lookup tables. From the name, you'll see that the intent was to name hosts. Hosts typically had one name -- maybe two if you want to use a convenient local abbreviation, like whozit instead of whozit.somewhere.something.com, for a system on your local network. The idea that an unspecified set of name ('all names ending in something.com') are the same host is simply outside the grounds of reasonableness for the use it was intended for. (Host) name services map specific (host) names to specific addresses. Since DNS, no-one's interested in expanding the hosts file for other purposes, since there are far better name services available. Like DNS, or even WINS. For controlling outbound connections, we have firewalls. |
|
dave |
to siljaline
From what I can tell from a quick googling, Windows 8.1 introduces 'network isolation', which seems to allow you to control which networks an application can connect to.
Using a hosts file as a connection-blocking mechanism involves lying about name/address translations: you map some host name to an address that doesn't actually have a web server, so any attempts to connect to that web server will fail. For typical desktop machines, there is no web server. Or if there is a web server, it probably doesn't have the pages the client is asking for. So, it follows that a good lie to tell is that 'foo.bar.com is this machine right here'.
I know nothing about Win 8.1 network isolation, but if you want to prevent connections to the loopback network, there are essentially two ways to do it: respond to the request with "nope", or fail to respond. The latter involves the client timing out on the response, so if the problem that host-file users are seeing is that those connects to the loopback network are taking several seconds to fail, Win 8.1 probably took the "no response" approach.
Using 0 fails faster because whereas 127.0.0.1 is a legitimate destination for a connect request, 0 probably is not. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2015-Jan-25 10:25 pm
I suppose this is only important with large hosts files. Until this thread, I had not realized I could use 0 (or two other choices in HostsMan) instead of 127.0.0.1. I realize Windows 8.0 doesn't have the changes but they must be in Win 10 Preview where I also have HostsMan and still use 127.0.0.1. I have the same entries in the hosts file on both computers and I don't notice a slowdown on Win 10 Preview. I suppose I might if I was using a large hosts file. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2015-Jan-25 10:31 pm
Nope, won't be dependent on the size of the hosts file. The only possible effect the use of zero versus loopback can have is on the time it takes for a connect to that address to fail. |
|
19579823 (banned)An Awesome Dude join:2003-08-04 |
19579823 (banned)
Member
2015-Jan-26 12:30 am
Another BS thing ppl tell you about the host file is needing "127.0.0.1 (or 0) localhost"
I took it out YEARS AGO.......
ITS IMPORTANT TO HAVE YOUR OWN MIND!!!!! (not let it be compromised with alot of MSM crap (Which causes you to ultimatly be living how SOMEONE ELSE wants you living (thinking,etc))) |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI |
Bad idea. "localhost" and the loopback interface go back to the beginnings of networking, same as the hosts file. You've simply never seen an application that made use of this standard entry or... it failed and you never found out why. |
|
dave Premium Member join:2000-05-04 not in ohio
4 recommendations |
to 19579823
I suggest you have no idea what you're talking about. You have no idea why software uses 'localhost' and why it might do so.
Also, I have seen little reporting in the 'mainstream media' about 127.0.0.1, so your rant on that vector is completely irrelevant.
FWIW: these days, the Microsoft name resolver apparently has a hardwired translation for 'localhost' to avoid trouble from people who edit files with no idea what they're doing. |
|
|
to 19579823
+1 Bill_MI Make sure you use 127.0.0.1 and not 0.0.0.0 for localhost, as it needs to have the valid loopback address. It is there to allow access, not to block access. |
|
dave Premium Member join:2000-05-04 not in ohio |
dave
Premium Member
2015-Jan-26 11:44 am
A quick check with netstat on my Windows 7 systems shows about 40 endpoints bound to 127.0.0.1. The unknown thing is whether the responsible programs hardwired '127.0.0.1' or 'localhost' into their code. But why force yourself to have to find out? It's not as if failing to define localhost somehow increases your security. |
|
Dustyn Premium Member join:2003-02-26 Ontario, CAN ·Carry Telecom ·TekSavvy Cable Asus GT-AX11000 Technicolor TC4400
|
to 19579823
said by 19579823:Another BS thing ppl tell you about the host file is needing "127.0.0.1 (or 0) localhost"
I took it out YEARS AGO.......
ITS IMPORTANT TO HAVE YOUR OWN MIND!!!!! (not let it be compromised with alot of MSM crap (Which causes you to ultimatly be living how SOMEONE ELSE wants you living (thinking,etc))) Can't imagine why you would think to remove the localhost address.... |
|
dave Premium Member join:2000-05-04 not in ohio
2 recommendations |
dave
Premium Member
2015-Jan-26 7:45 pm
Since MICROSOFT NOW TELLS YOU TO NOT DEFINE LOCALHOST!!!!! I expect an immediate reversal of 'independent thinker' opinion. # localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
|
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
1 edit |
Fascinating. I was testing local bind9 and some public DNS servers to see what they do while wondering if this makes the entry moot. All I tried resolve "localhost" except Google's 8.8.8.8 / 8.8.4.4 servers. I guess if anyone wanted to thumb their nose at this, Google would be it. But my sample was small. EDIT: Tried several more servers and it's more balanced than my first batch. Another notable is OpenDNS. |
|
Hitron CDA3 (Software) OpenBSD + pf
|
to hostofpartie
Re: www or not in host file?0.0.0.0 binds to all IP addresses of the host, while 127.0.0.1 does not. If you are doing development work on local system or something similar always bind any daemons to loopback, keeps it from being accessible on any external interface, unless of course that is the goal. |
|
dave Premium Member join:2000-05-04 not in ohio |
to Bill_MI
Re: FWIW, "within DNS" in that hosts-file comment means in the DNS client, not the DNS server. |
|