November 29th, 2005, 08:40 PM
Firewall question (hosts, peerguardian)
I’ve been using a program peerguardian http://phoenixlabs.org/ for couple of days and I noticed that there are many “institutions” trying to reach my system through one port or another. Is, what PG does only a glorified version of having a “hosts” file point to 127.0.0.1? I keep on thinking that somehow edonkey, bittorrent and others determine their DNS info from “their own” network or even maybe they just work on IP level, therefore PG is necessary. Is PG really necessary or can I just input the info into the hosts file?
By the way does anyone have a good hosts info I can use to block most notorious domains?
November 29th, 2005, 11:59 PM
OK, your hosts file tells your system where it can go, not who can access your system from the outside. Hosts files can be compromised in network environments, so I'm kind of skittish about using them, and generally configure network settings of domain workstations to not use hosts files. I have used them for kiosk type machines, where I want to limit where the system can browse to.
The peerguardian is telling you about systems that are trying to access your system from outside, likely other systems that use P2P (gnutella, KaZaa, LimeWire, etc.) software. You may have participated in the past with P2P networks and they still have you on the share lists. You may be able to configure your firewall to just ignore and drop these probes.
November 30th, 2005, 02:26 AM
I have had PG since Methlabs created it, and it is very useful, what you are seeing is servers constantly using their search functions to find files, every now and then you will see RIAA or some other recording company.(This is how they can determine if you have the latest Spiderman movie) as it will return your IP, but as long as it is blocked, not to worry.
Mostly it is colleges and universities (hhmmm what could they be doing?) and a few Military ones, probably some poor sap stuck on duty at a barracks some place and just so happened to install a P2P program on the Base Commanders PC and is using it to find music files to download
Noticed lately a lot of Chinese originated ones.
A good program/App for using with the HOSTS file is called Hoster or Hostmans both can be downloaded from here HOSTS FIle
This is good info on HOSTS files.http://accs-net.com/hosts/what_is_hosts.html
The HOST file protects you if you were to say try to go to a website that is listed in the HOSTS file, it will time out, these lists are fairly useful.
You can also manage the HOSTS file with the Highjack this tool, also Microsoft Antispyware Beta can let you edit the file.
The thing I like with the Hoster, is if at anytime you get tired of the bloated HOSTS file it will put back the MS default HOSTS file.
Like rapier57 says though the HOSTS file can be compromised and have your Windows Updater as well as your Antivirus Updater redirected to your 127.0.0.1,which means you may think you are getting updates but your not. Also I forgot to mention but Spybot S & D comes with a HOSTS file as well and it can be merged with the Windows default HOSTS file, make note though this file does become bloated and will slow things down a tad.
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
November 30th, 2005, 02:43 AM
why do ppl put all those entries into the hosts file...
if it is really to prevent from "inside out", it will only prevent "ME" from going to certain sites (this is of course in my own computer not when you have users in corp. edu. mil. environment.)
1. does it prevent web sites that i download from displaying ads originated on different sites?
2. can i prevent (for example) software which is ad-based (edonkey free version, certain downloader) from reaching the sites where the ads originate ?
what are other uses for hosts file?
also.. PG many of the names that came up seems like names of companies... are they all just ISP's or the owners of the domains ?
UNIX IS user friendly, it\'s just very choosy about who it calls a friend.