speed and dns cache

[elementaos]

Finally found a solution for windows 10. Acrylic DNS Proxy. Just set my ipv4 dns in network adapter to 127.0.0.1 and extracted hosts.txt file from zip from hosts-file.net  to C:\Program Files\Acrylic DNS Proxy. Then put this into AcrylicHosts.txt: "@ hosts.txt". And purged and started acrylic dns from start menu. Your freedom app could not start for some reason, beacuse it is complicated. So added my normal isp dns as secondary dns server which your-freedom can use. And everything works smoothly. It takes few seconds to load file into ram on service start, and it doesn't waste hdd anymore. Also they support *, ?, and regex which is similar to adblockers. So tried entering one blocked site and yes it is blocked. It wont skip to secondary real dns server which i only set so yf can work. No worry. ?

A bit more unneccessary info:

And it shows 0 cpu usage in task manager, and only 27 MB RAM. No need for complicating through virtual disk and junction or anything. Although I had to set my real dns manually in acrylic configuration file instead of default google dns, the same one i had to manually use before in all my network adapters, meaning nothing new, because my isp is blocking google or any other but theirs dns, well, at least for this unusual type of connection (using your freedom and dns tunneling via mms apn instead of internet apn in mobile phone). Also i do not use ipv6 because this odd type of connection i use everyday doesnt support it (actually isp mms apn doesnt support it, so nothing weird there). But that would be off topic...

Edited June 13, 2018 by elementaos

[elementaos]

And luckily it supports adding many hosts files and will block those normal 127.0.0.1 so no need to convert them to 0.0.0.0. Verified these immediately blocked connections using proxifier.

 

Actually why do i use one hosts? Hosts-file.net already offers separated hosts files by type. So better use that. So when i wanna download warez just exclude warez hosts file. Also make one my file where i put newly  discovered bad hostnames.

Edited June 13, 2018 by elementaos

[exile360]

Cool, so you finally found a configuration that works.  I'm glad to hear it  

[elementaos]

And because my primary dns is of acrylic and secondary normal one, I can just switch them in second to only my normal one when i want to avoid using it, using nirsoft quicksetdns. No need to stop whole acrylic dns or to exclude individual hosts sources or lines.

[exile360]

Very nice, it sounds like you have a good setup

I do the same with Simple DNSCrypt.  It has a checkbox that I can check/clear to enable/disable its custom DNS setting on my network connection which makes it very easy to switch back and forth, and if I need to disable my HOSTS file, HostsMan has a button that lets me do the same so turning it on/off is easy as well.

[elementaos]

And i actually had to disable dns client in windows 10, although i previously said it must not be disabled because windows 10 will become slower even with small hosts file. Well, if we remove hosts file, then no problems. I had to do it because if dns client is running and i use acrylic dns proxy and change dns config via quicksetdns to avoid using acrylic, then again use dns for acrylic, then sites unblocked via avoiding use of acrylic are cached in windows dns and almost like acrylic doesn't work for these sites. Even sometimes when i use ipconfig /flushdns. When dns client is disabled, everything is normal, changes are immediate. Also luckily quicksetdns allows to export this enabling or disabling of various settings using cmd, which can be exported to individual bat files and run from desktop or taskbar or start menu. Just want to warn everybody:

NEVER USE HOSTS FILE ON WINDOWS 10 WITH DNS CLIENT DISABLED OR SYSTEM WILL BE SLOW, EXCEPT IF YOU REMOVE HOSTS FILE.

NEVER USE LARGE (3rd party) HOSTS FILE ON WINDOWS 10 EXCEPT IF YOU ARE USING 3RD PARTY DNS CACHE TOOL (Acrylic in my example). EVEN IF DNS CLIENT IS ENABLED (MEANING EVEN IF YOU SKIP ABOVE MISTAKE) IT WILL TAKE HOURS TO CACHE THAT HOSTS FILE (NORMAL ADVICE WHY PEOPLE RECOMMEND DISABLIND DNS CLIENT).

[elementaos]

And one more thing: when hostsman is opened and closed, this hosts files is regenerated (2 bytes i think). So we must remove it again if we don't want to experience consequences. Even when there is not hosts file there is some activity which searches for that file repatedly for example from firefox. But if it finds that file, even if 2 bytes only, then that activity is increased many times, enough to be felt. Only on win10. Although there is also constant hdd activity with hosts file on winxp, there is no speed/performance consequences. Weird win10. But even having constant hdd activity is not good, at least for such small files like hosts. That's why i reccommend something like dns cache but fast. Like virtual disk on physical ram or acrylic or other 3rd party dns caches... Dns cache prevents constant reading of hdd, but it takes many hours for hosts to read. Probably bad programming by microsoft.

Edited June 15, 2018 by elementaos

[David H. Lipman]

1 hour ago, elementaos said:

Probably bad programming by microsoft.

No.  This application of the etc/hosts file is a misuse of the TCP/IP construct which is the same in NFS implementations.

It was designed to provide a static name to an IP host when there is no other Name Resolution solution.  It was never meant to act at a comb filter, or null sink, for personally objectionable sites.

[elementaos]

And in windows 10 it is not even used to define localhost like in previous systems. It says:

Quote

# localhost name resolution is handled within DNS itself.
#    127.0.0.1       localhost
#    ::1             localhost

Localhost was not commented out (#) in windows xp for example. Additional reason why this file is not needed in windows 10. And maybe best to leave that file but restrict all permissions to everyone for it, so it won't waste performance and hdd. Well, at least for us who use hosts method for blocking... Windows is useful only in presence of 3rd party software like notepad++, chrome or firefox, adblockers...

 

Even Microsoft figured out that for example  Chrome is better than Edge.

Edited June 15, 2018 by elementaos

[David H. Lipman]

It doesn't have to be used.  That's why it is commented out.  It is only needed if you want to use something like...

ping  locahost

     rather than using...

ping  127.0.0.1

Again, the etc/hosts file is for host name resolution not name resolution negation.

[elementaos]

I don't think so. I know that hosts is for hostname resolution, and this can be used for name resolution negotiation too. But in windows 10 localhost is defined somewhere else. Computer already knows what localhost is. In windows xp it's not. In windows xp if we remove hosts file or turn it into comment, it won't know what localhost is.

[David H. Lipman]

 

Edited June 15, 2018 by David H. Lipman

[elementaos]

I am saying simple obvious truth.

[exile360]

I don't know about Windows 10 as I have very limited experience with it, but in XP, Vista and 7 I've always used a large HOSTS file to block malware, ads and other unwanted content and it's always worked just fine, but it does sound as though 10 is different, which is troubling to me as I know for a fact that there is significant value to be had in using these HOSTS files (even when employing other web filters such as the one included in Malwarebytes Premium, plugins/extensions like Adblock Plus, Ghostery, Disconnect etc., all of which I also use, yet my HOSTS file still blocks plenty that they don't even though I only update it maybe once every week or two).

I also use the Immunize function in Spybot S&D (which also adds entries to the HOSTS file) as well as Spywareblaster which uses the registry to add sites to the restricted sites zone for IE as well as adding sites to the restricted sites list in Firefox.

[Al-Green-COS]

This issue can be successfully resolved via regedit by removing 'DNSCache' entry from NetworkService REG_MULTI_SZ at:

1) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

2) HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Svchost

Prior to this I had to wait ~10 minutes for SVCHOST DNS Client to complete its process when using Steven Black's hosts file. After making this change, I no longer have to wait. Enjoy....