Jump to content



Photo

You can’t block Facebook using Windows 8′s hosts file

win8 mse hosts file

  • Please log in to reply
54 replies to this topic

#1 +Frank B.

Frank B.

    Member N° 1,302

  • 23,494 posts
  • Joined: 18-September 01
  • Location: Frankfurt, DE
  • OS: OS X 10.10
  • Phone: Sony Xperia Z2

Posted 20 August 2012 - 10:37

You can’t block Facebook using Windows 8′s hosts file

The Windows hosts file offers a great way of blocking or redirecting certain Internet hosts. I’m for instance using it whenever I move websites to a new hosting company to check the life site before the DNS has fully propagated. You can also download software like Hosts Man that allow you to add lists of known malicious sites or advertising servers to the file to block those automatically from being visited on the computer.

In theory, you can add any domain, host or website to the hosts file so that it is blocked on the system. Ghacks reader SGR just informed me that this apparently has changed in the Windows 8 RTM version.

Posted Image

While you can still add any host you want to the hosts file and map it to an IP, you will notice that some of the mappings will get reset once you open an Internet browser. If you only save, close and re-open the hosts file you will still see the new mappings in the the file, but once you open a web browser, some of them are removed automatically from the hosts file.
Two of the sites that you can’t block using the hosts file are facebook.com and ad.doubleclick.net, the former the most popular social networking site, the second a popular ad serving domain.

The strange thing is that even write protecting the file does not have an effect on it as entries are still removed once you open a web browser. Actually, any kind of Internet connection seems to be enough for that behavior. If you open the Windows Store for instance, the entries get removed as well automatically.

This could be a bug that is affecting only some high profile sites and services, or something that has been added to Windows 8 deliberately. We have contacted Microsoft and are currently waiting for a response from a company representative. Since it is Sunday, it is not likely that this is going to happen today.

It is also in the realm of possibility that the hosts file may not accept other hosts.

Update: Tom just pointed out that turning off Windows Defender, which basically is Microsoft Security Essentials, in Windows 8 will resolve the issue. It appears that the program has been designed to protect some hosts from being added to the Windows hosts file. To turn off Windows Defender press the Windows key, type Windows Defender and hit enter. This launches the program. Switch to Settings here and select Administrator on the left. Locate Turn on Windows Defender and uncheck the preference and click save changes afterwards.

Please note that this turns off Windows Defender, and that it is recommended to have another antivirus program installed on the system to have it protected against Internet and local threats.

Source: ghacks.net


#2 FloatingFatMan

FloatingFatMan

    Resident Fat Dude

  • 15,880 posts
  • Joined: 23-August 04
  • Location: UK

Posted 20 August 2012 - 10:57

...Why would Windows Defender protect Facebook and an ads site from being blocked?

I smell a payoff here...

#3 metro2012

metro2012

    Neowinian

  • 458 posts
  • Joined: 13-May 12

Posted 20 August 2012 - 11:02

in MSE (and i imagine windows defender) you can exclude files. just excludes the hosts file and it should not change it back

#4 Max Norris

Max Norris

    Neowinian Senior

  • 4,702 posts
  • Joined: 20-February 11
  • OS: Windows 8.1, BSD Unix
  • Phone: HTC One (Home) Lumia 1020 (Work)

Posted 20 August 2012 - 11:04

I smell a payoff here...

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.

#5 testman

testman

    Neowinian

  • 1,099 posts
  • Joined: 06-April 05

Posted 20 August 2012 - 11:17

So really a non-issue.

Moving swiftly on...

#6 Anthonyd

Anthonyd

    Neowinian

  • 1,216 posts
  • Joined: 07-May 06

Posted 20 August 2012 - 11:32

in MSE (and i imagine windows defender) you can exclude files. just excludes the hosts file and it should not change it back

^this.
If you modifiy the host file manually, it will trigger a warning (since it's a good way to do man in the middle attacks for example) but you can tell MSE/Windows defender to allow the change, then it won't revert it back.

#7 +Chicane-UK

Chicane-UK

    Neowinian Senior

  • 9,787 posts
  • Joined: 02-November 01
  • Location: The UK!
  • OS: MacOS 10.9 Mavericks
  • Phone: Google Nexus 4

Posted 20 August 2012 - 11:42

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.


Yep... can understand their reasons for doing it. Bit annoying though if you do alter your hosts file when doing testing and so forth.

#8 ArialBlue

ArialBlue

    var lulz;

  • 1,768 posts
  • Joined: 24-June 10
  • Location: Democratic People's Republic of Korea
  • OS: Windows Master Race

Posted 20 August 2012 - 13:55

I will take note to turn off Windows Defender when updating my hosts file with a malware stopping one.

#9 +FiB3R

FiB3R

    aka DARKFiB3R

  • 7,413 posts
  • Joined: 06-November 02
  • Location: SE London
  • OS: Windows 8.1 Enterprise
  • Phone: Lumia 930

Posted 20 August 2012 - 14:14

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.


It's the fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?

#10 Phebson

Phebson

    Neowinian

  • 33 posts
  • Joined: 10-August 12

Posted 20 August 2012 - 14:19

It's that fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?


Look how big facebook.com is. If some trojan decided to link it to a different IP within the hosts file, thats why it only does some domain names. Malware authors dont care about picsofmygranny.com with its 5 users

#11 Colin McGregor

Colin McGregor

    Neowinian Senior

  • 1,704 posts
  • Joined: 02-September 11
  • Location: Ontario, Canada
  • OS: Windows 8 x64, Gentoo x64 Sometimes
  • Phone: Samsung Ativ S WP8

Posted 20 August 2012 - 14:25

or just install some parental lock software. Im assuming you want to block facebook so your kids cant go on cause they are too young and not cause you have no self control can't just not go there

#12 Praetor

Praetor

    ASCii / ANSi Designer

  • 2,858 posts
  • Joined: 05-June 02
  • Location: Lisbon
  • OS: Windows Eight dot One dot One 1!one

Posted 20 August 2012 - 14:27

It's that fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?


this
i knew that anti-malware solutions block access to the host file or at least that access triggers a warning; the new thing here is that Windows Defender only blocks some sites, witch is odd.

#13 billyea

billyea

    Your Two Cents

  • 2,050 posts
  • Joined: 15-July 06
  • Location: Noitacol

Posted 20 August 2012 - 14:29

Facebook is fine to not add. I see no ill will in that, and it's a common trap for people to input their passwords on Facebook phishing sites.
I am a bit concerned about doubleclick. Is that the common ad platform for Windows 8?

#14 ~Johnny

~Johnny

    Earthling

  • 3,292 posts
  • Joined: 10-August 08
  • Location: London, England, Earth, Milky Way

Posted 20 August 2012 - 14:32

I am a bit concerned about doubleclick. Is that the common ad platform for Windows 8?


It's one of the biggest ad networks on the internet. Someone being able to redirect all that traffic for their own purposes by modifying someone elses hosts files is quite the issue - considering how many websites have ads served by doubleclick.

By the way, doubleclick is run by Google - Microsoft tends to use their own advertising platform.

#15 +Nik L

Nik L

    Where's my pants?

  • 34,151 posts
  • Joined: 14-January 03

Posted 20 August 2012 - 14:34

It's that fact that it only blocks some sites, that seems very fishy


Not really. Lets wait an see which sites block and which don't. I'm guessing it's borne out of their diagnosis of which sites are most commonly attacked in such a manner