You can


Recommended Posts

+Frank B.

You can?t block Facebook using Windows 8?s hosts file

The Windows hosts file offers a great way of blocking or redirecting certain Internet hosts. I?m for instance using it whenever I move websites to a new hosting company to check the life site before the DNS has fully propagated. You can also download software like Hosts Man that allow you to add lists of known malicious sites or advertising servers to the file to block those automatically from being visited on the computer.

In theory, you can add any domain, host or website to the hosts file so that it is blocked on the system. Ghacks reader SGR just informed me that this apparently has changed in the Windows 8 RTM version.

windows-8-hosts-file.png

While you can still add any host you want to the hosts file and map it to an IP, you will notice that some of the mappings will get reset once you open an Internet browser. If you only save, close and re-open the hosts file you will still see the new mappings in the the file, but once you open a web browser, some of them are removed automatically from the hosts file.

Two of the sites that you can?t block using the hosts file are facebook.com and ad.doubleclick.net, the former the most popular social networking site, the second a popular ad serving domain.

The strange thing is that even write protecting the file does not have an effect on it as entries are still removed once you open a web browser. Actually, any kind of Internet connection seems to be enough for that behavior. If you open the Windows Store for instance, the entries get removed as well automatically.

This could be a bug that is affecting only some high profile sites and services, or something that has been added to Windows 8 deliberately. We have contacted Microsoft and are currently waiting for a response from a company representative. Since it is Sunday, it is not likely that this is going to happen today.

It is also in the realm of possibility that the hosts file may not accept other hosts.

Update: Tom just pointed out that turning off Windows Defender, which basically is Microsoft Security Essentials, in Windows 8 will resolve the issue. It appears that the program has been designed to protect some hosts from being added to the Windows hosts file. To turn off Windows Defender press the Windows key, type Windows Defender and hit enter. This launches the program. Switch to Settings here and select Administrator on the left. Locate Turn on Windows Defender and uncheck the preference and click save changes afterwards.

Please note that this turns off Windows Defender, and that it is recommended to have another antivirus program installed on the system to have it protected against Internet and local threats.

Source: ghacks.net

  • Like 1
Link to post
Share on other sites
FloatingFatMan

...Why would Windows Defender protect Facebook and an ads site from being blocked?

I smell a payoff here...

  • Like 9
Link to post
Share on other sites
metro2012

in MSE (and i imagine windows defender) you can exclude files. just excludes the hosts file and it should not change it back

Link to post
Share on other sites
Max Norris
I smell a payoff here...

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.

Link to post
Share on other sites
testman

So really a non-issue.

Moving swiftly on...

Link to post
Share on other sites
Anthonyd

in MSE (and i imagine windows defender) you can exclude files. just excludes the hosts file and it should not change it back

^this.

If you modifiy the host file manually, it will trigger a warning (since it's a good way to do man in the middle attacks for example) but you can tell MSE/Windows defender to allow the change, then it won't revert it back.

Link to post
Share on other sites
Chicane-UK

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.

Yep... can understand their reasons for doing it. Bit annoying though if you do alter your hosts file when doing testing and so forth.

Link to post
Share on other sites
ArialBlue

I will take note to turn off Windows Defender when updating my hosts file with a malware stopping one.

Link to post
Share on other sites
FiB3R

A lot of anti-malware suites will prevent changes to the hosts file.. common way to hijack sites and such. Exclude or use a different suite.

It's the fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?

Link to post
Share on other sites
Phebson

It's that fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?

Look how big facebook.com is. If some trojan decided to link it to a different IP within the hosts file, thats why it only does some domain names. Malware authors dont care about picsofmygranny.com with its 5 users

  • Like 1
Link to post
Share on other sites
Colin McGregor

or just install some parental lock software. Im assuming you want to block facebook so your kids cant go on cause they are too young and not cause you have no self control can't just not go there

Link to post
Share on other sites
Praetor

It's that fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?

this

i knew that anti-malware solutions block access to the host file or at least that access triggers a warning; the new thing here is that Windows Defender only blocks some sites, witch is odd.

Link to post
Share on other sites
argonite

Facebook is fine to not add. I see no ill will in that, and it's a common trap for people to input their passwords on Facebook phishing sites.

I am a bit concerned about doubleclick. Is that the common ad platform for Windows 8?

Link to post
Share on other sites
~Johnny

I am a bit concerned about doubleclick. Is that the common ad platform for Windows 8?

It's one of the biggest ad networks on the internet. Someone being able to redirect all that traffic for their own purposes by modifying someone elses hosts files is quite the issue - considering how many websites have ads served by doubleclick.

By the way, doubleclick is run by Google - Microsoft tends to use their own advertising platform.

Link to post
Share on other sites
+NJ Louch

It's that fact that it only blocks some sites, that seems very fishy

Not really. Lets wait an see which sites block and which don't. I'm guessing it's borne out of their diagnosis of which sites are most commonly attacked in such a manner

Link to post
Share on other sites
argonite

It's one of the biggest ad networks on the internet. Someone being able to redirect all that traffic for their own purposes by modifying someone elses hosts files is quite the issue - considering how many websites have ads served by doubleclick.

By the way, doubleclick is run by Google - Microsoft tends to use their own advertising platform.

Ah, that makes sense.

I would be curious to know if other high-profile sites are prevented from being redirected as well. I'd expect at least the Alexa top 50. Right now, we can justify each of those sites individually, but if it's ONLY those two sites, it's worth questioning.

Link to post
Share on other sites
BajiRav

It's the fact that it only blocks some sites, that seems very fishy. If you are going to protect the hosts file in this manner, why not protect it entirely?

I am glad it doesn't protect the whole file. I can still use it for my own work (which uses internal domains).

Link to post
Share on other sites
efjay

Has anyone tried adding the hosts file to the exclude list to see if it resolves this?

Link to post
Share on other sites
Anibal P

Has anyone tried adding the hosts file to the exclude list to see if it resolves this?

It works according to another post here

Link to post
Share on other sites
efjay

It works according to another post here

Guess I missed it, thanks.

Link to post
Share on other sites
Jack 0Neill

hosts file is not meant for website blocking or anything other kind of blocking. when are people going to learn this.

  • Like 1
Link to post
Share on other sites
Depicus

hosts file is not meant for website blocking or anything other kind of blocking. when are people going to learn this.

When there is another effective way to block sites :)

Link to post
Share on other sites
SharpGreen

I can see a very legit use for only doing certain sites. Since DoubleClick is one of the biggest ad networks out there, redirecting it to a mailious IP address using the HOSTS file is a good way to get malware installed. Same with Facebook, and if something like that ever did happen to Mr Average J. User, he wouldn't even begin to know how to fix it.

Link to post
Share on other sites
Mike Frett

Can't believe I'm defending Windows 8, but here goes: I did my own testing here with XP, Vista and 7. It has nothing to do with the OS you are using, and everything to do with MSE. End of story, try it for yourself. MSE will remove certain things from your HOSTS file even if it's Read Only.

Link to post
Share on other sites
The_Observer

Can't believe I'm defending Windows 8, but here goes: I did my own testing here with XP, Vista and 7. It has nothing to do with the OS you are using, and everything to do with MSE. End of story, try it for yourself. MSE will remove certain things from your HOSTS file even if it's Read Only.

while true, MSE is install by default on windows 8. By doing this i count MSE on windows 8 as part of the windows 8 OS. Im very interested in this, but am not going dog MS and Windows 8 till more is known.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Dutchie64
      HI,

      Hope there are still some Surface2 (RT)  Win8 users around, as I still use mine almost daily besides my S3.

      The tablet ran the latest 04-2018 security update yesterday, but it messed up all my installed apps. Almost all of them refused to start and got stuck on the start/icon screen.
      It doesn't really matters if it's MS native apps or 3rd party ones.
      After some fiddling I got some of them to start again, by starting/closing them frequently, but are dog slow atm.

      While this was all happening, CPU and harddrive usage was over 60-70%%, as if Windows was still doing stuff. Even after multiple reboots/shutdowns.

      Also, the apps that refuse to start (for now) are apps that are not in the Store anymore. Coincidence?
      Does this sound familiar to someone, or did I just got a bad update experience?

      cheers!

      rob

       
    • By ogannon
      Hi All,
       
      I am trying to mend my parents in law's computer. It's a Lenovo with Windows 8. The computer is extremely slow - loading up the computer you need at least two attempts - the first attempt you get a blue screen. Using the PC I've encountered that the computer is extremely slow - mouse stops when you are moving it etc...
       
      I've run a disk cleanup and then also a virus run. These did not make a big difference.
       
      Does anyone have any further ideas on how to remedy this problem? Would prefer not to reboot the entire machine as I have lost the Office 2010 code.
    • By Sergey "hb860"
      Win+X Menu Editor for Windows
      version 2.0.0.1
      Win+X Menu Editor is one of my applications and it serves to provide you a simple and useful way to edit Win+X menu without system files modification. It keeps your system integrity untouched.
      With Win+X Menu Editor you are able:
      to add new items. to remove any item of Win+X menu. to change display name of any item of Win+X menu. to reorder Win+X menu items. Screens:


      This release features the following changes:
      hashlnk is not required anymore, all its functions are ported into the Win+X Menu Editor source code Numerous bugs are fixed, such as sorting bug or crash on empty Win+X menu Improved "add a program" feature New clean and useful UI with hotkeys, new icons The ability to move shortcuts between groups New feature - "Presets", which allows you to add various commands in Win+X menu, such as shutdown options, calculator and so on. Fixed a bug with built-in items renaming Video with new version is available at the download page.
      Download link
    • By Copernic
      HostsMan 4.7.105
      by Razvan Serea



      HostsMan is a freeware application that lets you manage your Hosts file with ease. No Spyware! No Adware! No Viruses! 100% Freeware! Clean & simple. HostsMan is fully compatible with Windows XP SP2, Server 2003 SP1, Vista, Server 2008, 7, Server 2008 R2, 8, Server 2012, 10.

      HostsMan main features:

      Built-in hosts file updater Enable/Disable hosts file Built-in hosts editor Scan hosts for errors, duplicates and possible hijacks Hosts file backup manager Exclusion list and much more... What's new since 4.6.103:

      added: Update Manager dialog now has the option to open local update source files in editor added: "Dan Pollock's hosts file" source changed: more information is displayed when hosts file is in use by other applications (Vista and later) changed: updated URLs for "Peter Lowe's AdServers List" and "Malware Domain List" sources fixed: control of DNS Client service is broken fixed: "Export Hosts" always exports to zip file under Vista and later fixed: minor bugs. Download: HostsMan 4.7.105 | Portable HostsMan | ~3.0 MB (Freeware)
      Link: HostsMan Home Page

    • By Ian W
      Do you use the Libraries feature introduced in Windows 7 and / or the Saved Search (otherwise known as Virtual Folder) feature introduced in Windows Vista? If so, do you have a preference for either feature?

      While I like both features I, as you probably expected, prefer the Saved Search feature. Both Libraries and Saved Searches consolidate content from multiple locations in a single view, and both allow users to customize their viewing experience based on the content displayed. Libraries, however, only allow users to display content based on folder locations (e.g., they cannot reference content based solely on dates, file attributes, et cetera), and users must manually add folders to a library before their content will appear.

      In contrast, Saved Searches can reference multiple locations simultaneously—or an individual folder(s) if that is what a user desires—based on a user's criteria such as specific names, dates, metadata, types, and words or phrases within files themselves. Also unlike Libraries, users can refine their Saved Search results with Boolean operators, natural language search (in Windows Vista and Windows 7), query composition, and / or the options offered by the column headers in File Explorer.