Firewall vs entry in Hosts file ????
What is the difference (that is better) between having an entry in the "hosts" file, or a "rule" in a firewall application when trying to block inbound traffic from a known website or company.
Forum Discussion
- We had Windows 2 on a 286 PC with 386 KB of RAM for which we paid over a hundred bucks for the extra 128 KB. That is 41,450,777th as much RAM as in the system I'm typing this on. That was an upgrade from our Commode'd Or 64. Cutting edge at the time. I don't know if Window 1 was ever seen in the wild. We used Word not World for Windows which was not developed at the time. Lotus 123 and a db program from Borland I don't recall the name. I wrote software on their Turbo Pascal.
- I never had any workings with Windows before Windows 95. Never really had any interest in computers until I discovered you could play games on them.
fj12ryder wrote:
Yeah, using the "hosts file" was an old trick from waaaaay back. I think it was of use with Windows 98.
Actually, the hosts file came into the Windows world via Windows NT 3.1 who's development was strongly influenced by ("ripped off from?" :) ) DEC VMS, which was a parallel OS challenger to AT&T (Bell Labs) UNIX, which first introduced the etc/hosts file (HOSTS.TXT) that was part of the whole DNS system.
In the "learn something new every day" department, I've never heard of using the hosts file to deny or block routing ... I've only used it to define routing to an IP or host without depending on DNS ...
Greg- Do it at the firewall. In fact use OpenDNS for it's web filtering capabilities. It's free, easy, and has tons of built in categories to make blocking non-sense a lot easier.
- I would say both actually (Belt and suspenders protection) the firewall blocks the site from SENDING stuff to you. the hosts file prevents your computer from REQUESTING stuff by re-directing to local-host. (So you get a 404) But the firewall blocks the remote from sending to you even if you did not request.
- Yeah, using the "hosts file" was an old trick from waaaaay back. I think it was of use with Windows 98.
- Frankly using 'hosts' was a new one to me and I've been aware of / etc / hosts for 30 years. :) Never would have occurred to me to try that.
I'd always block a domain at the firewall, router level. Seems to me you've got more flexibility; easier to wildcard, easier to manage, no reboot etc.
