confused about hosts file

[louise]

I'm getting sick and tired of removing the same tracking
cookies everytime I run an antispyware program.

So I started looking at the host file at mvp.org. But the
notes say that any hosts file larger than 135kb will slow
down win XP. The MVP hosts file is almost 500 kb.

What should one do? Might I just add the things that are
consistently picked up in my antispyware? Is there a
smaller hosts file that is still considered valuable?

I'm running FF 2.0 about 95% of the time with noscript and
adblockplus - but I still collect all these tracking
cookies.....

Help?

Thanks.

Louise

[siljaline]

Web master contact info at bottom of main URL, Louise.
http://www.mvps.org/winhelp2002/hosts.htm

Mike is very receptive to these sorts of queries!
Tell him that Silj sent you.

Silj

--
siljaline

"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_

[Vanguard]

"louise" <louise@invalid.invalid> wrote in message
news:4tse7jF15l0mkU1@mid.individual.net...
> I'm getting sick and tired of removing the same tracking cookies
> everytime I run an antispyware program.
>
> So I started looking at the host file at mvp.org. But the notes
> say that any hosts file larger than 135kb will slow down win XP.
> The MVP hosts file is almost 500 kb.
>
> What should one do? Might I just add the things that are
> consistently picked up in my antispyware? Is there a smaller hosts
> file that is still considered valuable?


Get a cookie manager so you can whitelist which domains are allowed to
leave their cookies on your host and all others will get purged. Even
IE has cookie management with Allow and Block lists so I would think
FireFox would have better cookie management. Maybe not. Problem is
that some sites won't work unless you allow them to write a cookie
..txt file. A cookie manager that whitelists the domains should allow
the cookie to appear while you are visiting a site but purge the
non-whitelisted cookies when you exit your browser. That way you can
keep the 1st party cookies that you want, block all 3rd party cookies,
and allow non-whitelisted cookies during your visit but they will get
deleted. If you are using Firefox, why not just go into it and
configure the cookie management there by setting the Keep Cookies
option to "until I close FireFox"? Put the whitelisted domains in the
exceptions list. I don't use Firefox but that info was pretty easy to
find (that is, Google works).

If you use a huge hosts file, disable the DNS Client service (which
caches DNS queries into a local cache but slows down using the hosts
file). Wildcarding or truncation are not allowed in a hosts file.
That is, the IP name must be a full name. You can't just specify a
domain and then have all hosts at that domain blocked but instead have
to list every host at that domain. When I last looked at the MVPS
hosts file, there were 52 entries just for DoubleClick. Now there are
72. Doubleclick, or anyone, can actually used a randomized hostname
on their boundary host to circumvent hosts files; i.e., they will
accept any hostname name so you'll never be able to reasonably list
all permutations in a hosts file. The size of the hosts file makes it
unmanageable to the user so you are relinquishing control to whomever
built the hosts file; i.e., you are letting someone else decide where
you can and cannot go, and you could later find that you'll be asking
why you cannot get to a particular site because you don't actually
manage your hosts file so you haven't a clue as to where you chose to
have someone else block you (you'll forget about the hosts file). I
gave up using the hosts file long ago. Now it is just used to let me
use IP names, like SpamPal instead of 127.0.0.1, when configuring
accounts in e-mail clients, for example, so I remember what I'm doing
in the configuration. There are better solutions than using a hosts
file, especially for cookie management.

[cmsix]

"Vanguard" <vanguard@domain.invalid> wrote in message
news:elbr76$nq2$1@aioe.org...
> "louise" <louise@invalid.invalid> wrote in message
> news:4tse7jF15l0mkU1@mid.individual.net...
>> I'm getting sick and tired of removing the same tracking cookies
>> everytime I run an antispyware program.
>>
>> So I started looking at the host file at mvp.org. But the notes
>> say that any hosts file larger than 135kb will slow down win XP.
>> The MVP hosts file is almost 500 kb.
>>
>> What should one do? Might I just add the things that are
>> consistently picked up in my antispyware? Is there a smaller hosts
>> file that is still considered valuable?
>
>
> Get a cookie manager so you can whitelist which domains are allowed
> to leave their cookies on your host and all others will get purged.
> Even IE has cookie management with Allow and Block lists so I would
> think FireFox would have better cookie management. Maybe not.
> Problem is that some sites won't work unless you allow them to write
> a cookie .txt file. A cookie manager that whitelists the domains
> should allow the cookie to appear while you are visiting a site but
> purge the non-whitelisted cookies when you exit your browser. That
> way you can keep the 1st party cookies that you want, block all 3rd
> party cookies, and allow non-whitelisted cookies during your visit
> but they will get deleted. If you are using Firefox, why not just
> go into it and configure the cookie management there by setting the
> Keep Cookies option to "until I close FireFox"? Put the whitelisted
> domains in the exceptions list. I don't use Firefox but that info
> was pretty easy to find (that is, Google works).
>
> If you use a huge hosts file, disable the DNS Client service (which
> caches DNS queries into a local cache but slows down using the hosts
> file). Wildcarding or truncation are not allowed in a hosts file.
> That is, the IP name must be a full name. You can't just specify a
> domain and then have all hosts at that domain blocked but instead
> have to list every host at that domain. When I last looked at the
> MVPS hosts file, there were 52 entries just for DoubleClick. Now
> there are 72. Doubleclick, or anyone, can actually used a
> randomized hostname on their boundary host to circumvent hosts
> files; i.e., they will accept any hostname name so you'll never be
> able to reasonably list all permutations in a hosts file. The size
> of the hosts file makes it unmanageable to the user so you are
> relinquishing control to whomever built the hosts file; i.e., you
> are letting someone else decide where you can and cannot go, and you
> could later find that you'll be asking why you cannot get to a
> particular site because you don't actually manage your hosts file so
> you haven't a clue as to where you chose to have someone else block
> you (you'll forget about the hosts file). I gave up using the hosts
> file long ago. Now it is just used to let me use IP names, like
> SpamPal instead of 127.0.0.1, when configuring accounts in e-mail
> clients, for example, so I remember what I'm doing in the
> configuration. There are better solutions than using a hosts file,
> especially for cookie management.

Thank you for that very useful information. It wasn't directed at me
but I appreciate seeing it.

cmsix

>

[louise]

cmsix wrote:
>
> "Vanguard" <vanguard@domain.invalid> wrote in message
> news:elbr76$nq2$1@aioe.org...
>> "louise" <louise@invalid.invalid> wrote in message
>> news:4tse7jF15l0mkU1@mid.individual.net...
>>> I'm getting sick and tired of removing the same tracking cookies
>>> everytime I run an antispyware program.
>>>
>>> So I started looking at the host file at mvp.org. But the notes say
>>> that any hosts file larger than 135kb will slow down win XP. The MVP
>>> hosts file is almost 500 kb.
>>>
>>> What should one do? Might I just add the things that are
>>> consistently picked up in my antispyware? Is there a smaller hosts
>>> file that is still considered valuable?
>>
>>
>> Get a cookie manager so you can whitelist which domains are allowed to
>> leave their cookies on your host and all others will get purged. Even
>> IE has cookie management with Allow and Block lists so I would think
>> FireFox would have better cookie management. Maybe not. Problem is
>> that some sites won't work unless you allow them to write a cookie
>> .txt file. A cookie manager that whitelists the domains should allow
>> the cookie to appear while you are visiting a site but purge the
>> non-whitelisted cookies when you exit your browser. That way you can
>> keep the 1st party cookies that you want, block all 3rd party cookies,
>> and allow non-whitelisted cookies during your visit but they will get
>> deleted. If you are using Firefox, why not just go into it and
>> configure the cookie management there by setting the Keep Cookies
>> option to "until I close FireFox"? Put the whitelisted domains in the
>> exceptions list. I don't use Firefox but that info was pretty easy to
>> find (that is, Google works).
>>
>> If you use a huge hosts file, disable the DNS Client service (which
>> caches DNS queries into a local cache but slows down using the hosts
>> file). Wildcarding or truncation are not allowed in a hosts file.
>> That is, the IP name must be a full name. You can't just specify a
>> domain and then have all hosts at that domain blocked but instead have
>> to list every host at that domain. When I last looked at the MVPS
>> hosts file, there were 52 entries just for DoubleClick. Now there are
>> 72. Doubleclick, or anyone, can actually used a randomized hostname
>> on their boundary host to circumvent hosts files; i.e., they will
>> accept any hostname name so you'll never be able to reasonably list
>> all permutations in a hosts file. The size of the hosts file makes it
>> unmanageable to the user so you are relinquishing control to whomever
>> built the hosts file; i.e., you are letting someone else decide where
>> you can and cannot go, and you could later find that you'll be asking
>> why you cannot get to a particular site because you don't actually
>> manage your hosts file so you haven't a clue as to where you chose to
>> have someone else block you (you'll forget about the hosts file). I
>> gave up using the hosts file long ago. Now it is just used to let me
>> use IP names, like SpamPal instead of 127.0.0.1, when configuring
>> accounts in e-mail clients, for example, so I remember what I'm doing
>> in the configuration. There are better solutions than using a hosts
>> file, especially for cookie management.
>
> Thank you for that very useful information. It wasn't directed at me but
> I appreciate seeing it.
>
> cmsix
>
>>
>
It was actually directed at me and it was very helpful.
Duh....I knew about the cookie file in FF but I never
connected using it with the problem I was trying to address.
I've set it up and changed the preference to clear when I
close FF except for what is whitelisted.

It's also clear that I don't want such a large hosts file
and that it has to be large if it's going to be effective.
So thanks for clarifying that as well.

Louise

[Beauregard T. Shagnasty]

louise wrote:

> I'm running FF 2.0 about 95% of the time with noscript and adblockplus
> - but I still collect all these tracking cookies.....

Firefox: Tools > Options > Privacy > Cookies

Check "Allow sites to set Cookies"
Keep Cookies: "ask me every time"

Then when an ad site wants to set a cookie, make sure the checkbox for
"Use my choice for all cookies from this site" is checked in the dialog,
and click Deny.

Depending on your usage, you may want to clear out all the "block"
domain name once a month or so. At the same dialog above, click the
"Exceptions" button. Click the "Status" column header, which sorts by
Allow and Block. Click first Block line, hold Shift key, click last
Block line, click Remove Site.

Click the "View Cookies" button to manage individual cookies.

Basic maintenance.

--
-bts
-Motorcycles defy gravity; cars just suck

[Michael Walraven]

Currently using IE7 (but worked with IE6 also)
My spytracker gives me the name of the cookie but not the web address(seems
dumb to me).
I take the name given and go to c:\Documents and Settings\myname\cookies
Here I look up the name from the spytracker. Bring the text up for editing
and examine the contents.
In the contents is always the name of the server spy.cdfreaks.com for
instance.
Taking the base (cdfreaks.com) I go to IE7's internet properties / security
and select Restricted sites.
I then add the base address cdfreaks.com (it gets converted to
*.cdfreaks.com when it is inserted).
No more cookies from that site.
My hosts file is empty except for 'localhost'.
First few time thru your spytracker this is a real pain but no worse than
adding to hosts. Now my system stays clean with only a couple of new
tracking cookies per week.

Would like to see spytrackers offer to add the tracker site to the untrusted
sites list!

Michael

"louise" <louise@invalid.invalid> wrote in message
news:4tse7jF15l0mkU1@mid.individual.net...
> I'm getting sick and tired of removing the same tracking cookies everytime
> I run an antispyware program.
>
> So I started looking at the host file at mvp.org. But the notes say that
> any hosts file larger than 135kb will slow down win XP. The MVP hosts
> file is almost 500 kb.
>
> What should one do? Might I just add the things that are consistently
> picked up in my antispyware? Is there a smaller hosts file that is still
> considered valuable?
>
> I'm running FF 2.0 about 95% of the time with noscript and adblockplus -
> but I still collect all these tracking cookies.....
>
> Help?
>
> Thanks.
>
> Louise

[Steve]

Michael Walraven wrote:
> Currently using IE7 (but worked with IE6 also)
> My spytracker gives me the name of the cookie but not the web
> address(seems dumb to me).
> I take the name given and go to c:\Documents and
> Settings\myname\cookies Here I look up the name from the spytracker.

I use Karen's Cookie Viewer to run through cookies and copy/paste unwanted
web addresses across to hosts.
http://www.karenware.com/powertools/ptcookie.asp

Set up the viewer to look for cookies on your whole drive and you can
control cookies on other PC accounts as well.

BTW Winpatrol contains a cookie filter that removes filters with specific
words in them (eg the filter 'hitbox' causes Winpatrol to automatically
remove any cookie that uses 'hitbox' in its URL).
http://www.winpatrol.com/

--
Steve

[Steve]

Steve wrote:

> BTW Winpatrol contains a cookie filter that removes filters with
> specific words in them (eg the filter 'hitbox' causes Winpatrol to
> automatically remove any cookie that uses 'hitbox' in its URL).
> http://www.winpatrol.com/

That should have read 'removes cookies' not 'removes filters'.

[louise]

Steve wrote:
> Michael Walraven wrote:
>> Currently using IE7 (but worked with IE6 also)
>> My spytracker gives me the name of the cookie but not the web
>> address(seems dumb to me).
>> I take the name given and go to c:\Documents and
>> Settings\myname\cookies Here I look up the name from the spytracker.
>
> I use Karen's Cookie Viewer to run through cookies and copy/paste unwanted
> web addresses across to hosts.
> http://www.karenware.com/powertools/ptcookie.asp
>
> Set up the viewer to look for cookies on your whole drive and you can
> control cookies on other PC accounts as well.
>
> BTW Winpatrol contains a cookie filter that removes filters with specific
> words in them (eg the filter 'hitbox' causes Winpatrol to automatically
> remove any cookie that uses 'hitbox' in its URL).
> http://www.winpatrol.com/
>
> --
> Steve
>
>
Funny......I set FF to notify me whenever a site wants to
set a cookie.

Then I went to look at Karen's Cookie Viewer - it refused to
load the page when I denied the cookie and I had to accept
the cookie to even look at the site.

Louise