Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Adding block lists to hosts file.

  1. #1
    Join Date
    Feb 2010
    Location
    Kerala, India
    Beans
    257

    Adding block lists to hosts file.

    Ubuntu 21.04. Linux newbie here. For a few months I’ve been thinking about setting up a pi-hole to block ads. But a few days ago I read about just adding a block list to the hosts file. I wasn’t aware of this option. It sounds a lot easier than setting up a pi-hole.

    I found some ad block lists here https://winhelp2002.mvps.org/hosts.htm and here https://github.com/StevenBlack/hosts/blob/master/hosts. Other quality lists I should know about?
    When the block list is added to the hosts file, is that about the same as having a pi-hole? What is the advantage of a pi-hole over a block list in the hosts file?

    Looks like adding the list to the hosts file is pretty easy. But I’m a newbie, so there may be some important things I don’t know. What do I need to know/do before adding a block list to my hosts file?

    Yes, I’ll make a copy of my original hosts file before editing.
    MSI Bravo 15 AMD Ryzen 7 4800H 15.6" 40GB A4DDR-212IN, 2TB nvme (Ubuntu 21.04) and 500GB nvme (Windows 10)

  2. #2
    Join Date
    May 2010
    Beans
    1,892

    Re: Adding block lists to hosts file.

    Yes the /etc/hosts file is just text. If you want something like this and have many systems then you may want a PiHole system. You can edit the file with

    Code:
    sudo cp /etc/hosts ~/Documents/hosts_$(date +%F-%T)
    sudo vi /etc/hosts
    This makes the backup too (with the first command) then opens the file in vi. If you prefer a different text editor then use that.

  3. #3
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Adding block lists to hosts file.

    The problem with /etc/hosts is that wildcards cannot be used. So, instead of blocking
    *.facebook.com
    we have to list the 500+ subdomains used by facebook.com directly.
    A pihole, being the DNS for your internal network CAN use wildcards like *.facebook.com.

    Some idiot wrote this: https://lifehacker.com/how-to-block-...speed-30814279
    A slightly updated version: https://blog.jdpfu.com/pages/hosts-for-security

    Pi-hole running inside an LXD container on Ubuntu: https://ubuntuforums.org/showthread....4#post13947454
    The pi-hole running inside an LXD container is pretty amazing. I patch it weekly and run a set of update scripts weekly
    Code:
    $ more to-upgrade-pi-hole-sw 
    
    # Update pihole software
    echo "INFO: Update pihole software"
    pihole -up
    
    # Update tracking domain lists
    echo "INFO: Update tracking domains "
    ~/bin/update-trackers
    
    echo "INFO: Update pihole gravity block lists"
    # Update gravity block lists
    pihole -g
    The ~/bin/update-trackers script pulls a few different tracker lists, tweaks them for my personal needs, and drops them into /etc/pihole/ as ".list" files. Nothing too fancy, but my sensibilities are very different from what others use.

  4. #4
    Join Date
    Oct 2005
    Location
    Lab, Slovakia
    Beans
    10,465

    Re: Adding block lists to hosts file.

    BTW, I use a hosts file by Dan Pollock on all my machines:
    https://someonewhocares.org/hosts/zero/hosts

    It is pretty good and gets rid of about 99.9999% of all cruft on the net, your computer will react about 10,000 times faster and you will have about 1,000,000 times less problems with it...

  5. #5
    Join Date
    Feb 2010
    Location
    Kerala, India
    Beans
    257

    Re: Adding block lists to hosts file.

    Quote Originally Posted by HermanAB View Post
    BTW, I use a hosts file by Dan Pollock on all my machines:
    https://someonewhocares.org/hosts/zero/hosts

    It is pretty good and gets rid of about 99.9999% of all cruft on the net, your computer will react about 10,000 times faster and you will have about 1,000,000 times less problems with it...
    Here's my #<localhost> section

    127.0.0.1 localhost
    127.0.1.1 advait-Bravo-15-A4DDR
    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters

    Here's Pollock's #<localhost> section

    127.0.0.1 localhost
    127.0.0.1 localhost.localdomain
    255.255.255.255 broadcasthost
    ::1 localhost
    127.0.0.1 local
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts

    Here's my guess at an updated version for me. This look correct?

    127.0.0.1 localhost
    127.0.1.1 advait-Bravo-15-A4DDR
    255.255.255.255 broadcasthost
    ::1 localhost
    127.0.0.1 local
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    MSI Bravo 15 AMD Ryzen 7 4800H 15.6" 40GB A4DDR-212IN, 2TB nvme (Ubuntu 21.04) and 500GB nvme (Windows 10)

  6. #6
    Join Date
    Feb 2010
    Location
    Kerala, India
    Beans
    257

    Re: Adding block lists to hosts file.

    Quote Originally Posted by TheFu View Post
    Pi-hole running inside an LXD container on Ubuntu: https://ubuntuforums.org/showthread....4#post13947454
    The pi-hole running inside an LXD container is pretty amazing. I patch it weekly and run a set of update scripts weekly
    I went to the DLN pi-hole link with the step by step. The instructions don't look too complicated. I'll research it a bit more and try it.

    Besides the wildcard ability, does the pi-hole have any other big advantage over using a modified hosts file?

    I don't have any kind of network and I'm not on a network. Just a stand alone pc.
    Last edited by Advait; September 14th, 2021 at 10:06 AM.
    MSI Bravo 15 AMD Ryzen 7 4800H 15.6" 40GB A4DDR-212IN, 2TB nvme (Ubuntu 21.04) and 500GB nvme (Windows 10)

  7. #7
    Join Date
    Oct 2005
    Location
    Lab, Slovakia
    Beans
    10,465

    Re: Adding block lists to hosts file.

    "I don't have any kind of network and I'm not on a network. Just a stand alone pc." - Except for a few billion other machines on the internet...

    You need not worry about the hosts file too much, just make a backup of the original file - I usually rename it to hosts.original - then save Dan's hosts file and name it hosts and Bob's your Uncle.

  8. #8
    Join Date
    Feb 2010
    Location
    Kerala, India
    Beans
    257

    Re: Adding block lists to hosts file.

    I backed up the original, added the block list and rebooted. Wow. Internet so much better without all the ads. This task should be added to all of those "N things to do after installing Ubuntu" lists.

    How often should I check https://someonewhocares.org/hosts/zero/hosts for an updated block list? 1/month? More or less often?
    MSI Bravo 15 AMD Ryzen 7 4800H 15.6" 40GB A4DDR-212IN, 2TB nvme (Ubuntu 21.04) and 500GB nvme (Windows 10)

  9. #9
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Adding block lists to hosts file.

    Quote Originally Posted by Advait View Post
    I don't have any kind of network and I'm not on a network. Just a stand alone pc.
    If you don't have any network, then why do you care about block lists at all? I take it this is for a different computer than you use to post here? That must be true, because the computer you use to post here **is** on a network and your must HAVE a network to be using it.

    Stand-alone PCs don't have ethernet or wifi or blue tooth. Those are all forms of NETWORKING and need full firewalls, block lists and a careful user.

    Besides the wildcard ability, does the pi-hole have any other big advantage over using a modified hosts file?
    A pi-hole can provide DNS for all devices on the network - smart phone, media players, tablets, TV tuners, **and** computers. Modifying the blocks in 1 location is nice. Also, most smart phones don't allow modifying the /etc/hosts file, so controlling it outside the device, via your own DNS (that's what a pi-hole is), would be the only way to control which DNS lookups are allowed.

    But it only works on the same network. /etc/hosts files are specific to each device. That means if you have a laptop and take it somewhere else - to a library, cafe, friends house, then your block list is still there, protecting you. Of course, if you run the pi-hole inside a Linux container that is on the same laptop, then that would come with you. It is a little more complexity and you'll need to patch the pi-hole OS and software. I do that weekly. If it breaks, then the internet will seem to be unavailable. That can be confusing to people who don't understand what DNS does.

    Neither of these will block links that don't use DNS lookups. So, any URLs that point directly to an IP address will ignore DNS. Eventually, the "bad guys" will be able to hide all their traffic in normal IPv6 address space because the number of IPs available is just so great as to make blocking them selectively just too hard. For example, my ISP gives me a /54 IPv6 address space. That's massively more IPs for my small business than the entire IPv4 internet has world-wide.

    IPv6 drastically changes the internet.


    With all that said, if you don't have any other devices - no smartphone, no tablet, no network TV tuners, no media stick players, then using a /etc/hosts block list is an excellent step.

    BTW, that lifehacker link above ... I wrote that article ... I'm the idiot. At the time, I was pushing my tweaked /etc/hosts file to 5 different systems as needed through ansible (that's a DevOPS tool to do system administration on 5 - 5000 computers).
    Last edited by TheFu; September 14th, 2021 at 01:59 PM.

  10. #10
    Join Date
    Feb 2010
    Location
    Kerala, India
    Beans
    257

    Re: Adding block lists to hosts file.

    Quote Originally Posted by TheFu View Post
    If you don't have any network, then why do you care about block lists at all? I take it this is for a different computer than you use to post here? That must be true, because the computer you use to post here **is** on a network and your must HAVE a network to be using it.

    Stand-alone PCs don't have ethernet or wifi or blue tooth. Those are all forms of NETWORKING and need full firewalls, block lists and a careful user.
    Good point. I should have said I'm on the internet but no ethernet, home or business network. I'm afraid I don't know all the correct terminology. But I'm slowly learning!
    Last edited by Advait; September 14th, 2021 at 01:52 PM.
    MSI Bravo 15 AMD Ryzen 7 4800H 15.6" 40GB A4DDR-212IN, 2TB nvme (Ubuntu 21.04) and 500GB nvme (Windows 10)

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •