Question4 Sponge,et.al-Hosts File;Proxies

I run DNSKong and eDexter on Win98SE. It actually wasn't as much trouble installing and setting it up as it first appeared it was going to be.

I can't answer that as I don't run Proxomitron with DNSKong and eDexter, but I do run "BIND-LE 2.0 (beta) for Win9x" for DNS and they all work happily together. DNSKong allows choices for using PROXY, CACHE and/or PRESETS.

Yes, you can. DNSKong has both PASS and PRESETS filter files along with the NAMED (blocking) filter file (all filter files are TXT files). The PASS allows you to enter FQDNs (Fully Qualified Domain Names) to circumvent blocked domain names. The PRESETS is similar to the originally intended use of a HOSTS file.

Again, I can't answer questions about Proxomitron because I don't use it. You can still use a HOSTS file with DNSKong and eDexter, but the only required HOSTS file entries are "127.0.0.1 localhost" and "127.0.0.1 filtered.by.edexter". Those are the only entries in my HOSTS file, I do everything in DNSKong and/or eDexter's PAC file; blocking/passing (FQDNs, IP addresses, wildcard matching on domain names or paths, even partial names or paths) and presets (local DNS). Best I remember (it's been a long time since I set it up or had to tweak it any at all) the order is: -HOSTS file -eDexter's PAC file -DNSKONG presets -DNSKong passes -DNSKong blocks -DNS servers

I ran across this old answer from Sponge concerning the use of Hosts File with a local proxy. I wanted to add some observations not offered on this topic and pose some additional questions. (Pardon the poor formatting, using a third party route to the usenet.)

On my system Proxomitron will not allow a Hosts file lookup when using it with it's external proxy (user inputed) list. Instead it passes all DNS lookups to the external proxy. Therefore the Host file is ignored. While you are correct that host files can become quite large and probably waste some system resources, you neglect the fact that the Host file can also be used to bypass any DNS lookup at all for sites you visit frequently, thus saving any DNS lookup time in page loading. This appears only to be possible with sites that allow access based on their assigned single IP. I was attempting to take advantage of this feature of the Hosts file WITH Proxomitron and WITH using the external proxy feature with Proxomitron, thereby filtering the page through Proxomitron, but handling the DNS lookups for popular pages separately through the hosts file or even by querying my ISPs DNS. Neither seems to be possible with Proxomitron, at least when using it with it's proxy list. Everything goes to the proxy, DNS lookups included. I have not tried DNS Kong. I looked at it once but it sounded like too much trouble to use with an older Windows system (from memory?) as it required installing ancilliary system files and I did not want to do that. Supposedly DSKong is compatible with Proxomitron, but the question remains will it allow Proxomitron to do its thing and STILL use it's own DNS like filtering mechanism FIRST? Also can u use DSKong to ALLOW certain addresses as u can with a Hosts File? I have not used the program, but my guess is not. Anyone else found a solution wherein u can use the DNS hosts file and Proxomitron on the same lookup? My guess here is that it is simply better to add any block sites to Proxomitron itself. But this still does not allow the advantage of the Hosts File being a local DNS which is MUCH quicker for page loads, especially if your cache is cleared frequently.

*****previous discussion on this topic (believe from same newsgroup)******

On Sat, 19 Jul 2003 21:34:18 +0200, Tony wrote: >Hi,

This prob has tied me up my pc for quite a few hours now. >Like many other people, I "abuse" my hosts file to use it for blocking >ads. My ISP allows me to use a (remote) web proxy, which just has to be >entered, not using an auto configuration script. Before using the proxy >the hosts trick worked pretty good for ad blocking but no matter what I >try: when using the proxy, all sites named in the hosts file are simply >ignored and the trick fails. Apparently all requests are passed directly >to the proxy in any case. Any commands entered using the command prompt >do make use of the hosts file though, which seems logical. >Wherever I look on the net /Google's (usenet) archives, stories about >DNS lookups, hosts file tricks and popup killer referrals can be found, >but not a solution or explanation so far. Either I must be overlooking >something quite simple (probably due to the hot weather) or this case is >very exceptional, which I think not.. >A local network does exist, but this happens even when using one pc >instead of 3 and a router. I don't intend to install a proxy >server/machine of its own, just want to know why this happens and still >be able to configure each pc separately using its own hosts file -and- >the ISP's proxy. All this behaviour is the same for Windows 98 and 2000, >Mozilla and IE 5.01 (yes, using that for the occasional events some >sites don't work with normal browsers ;) ). >The "bypass proxy for local connections' option doesn't do the trick, as >far as I understood this is probably because the hosts file has nothing >to do with sites on the local network/pc. >Tried the (often present by default) 127.0.0.1 for 'do not use...' in >both IE and Mozilla's proxy settings. Same story. >So I have read
formatting link
>
formatting link
including its referred-to MS's >
formatting link
and >
formatting link
(*), >
formatting link
>
formatting link
and numerous other pages. >Eventually thought to have found the answer at * above, which is part of >DNSKong's
formatting link
But just >when thinking this setting of 127.0.0.1 as a first DNS in the network >settings was all that is needed, it turned out this "Controlling DNS >lookup sequence" is only applicable for DNSkong and does not work for >the hosts file only, which is what I want. Worse than that: because "[4. >DNSKong is compatible with web proxies or proxy servers. Your browser >will route its request through your proxy server before your machine >looks up an entry in Hosts or DNSKong.]" enabling the web proxy in >network settings makes DNSKong useless, at least for what I want. >The weird thing is that everybody is so fond of this hosts file trick, >but I cannot find a word, not even in DNSKong documentation, about the >need of -not- using a web proxy to make this hosts file trick work. As >it becomes clear (at least in my case, and correct me if I'm wrong), >browsers talk to proxies directly and blocking their requests isn't as >easy as one thinks, unless a local proxy is used, or..? >What is happening / what am I missing? Or simpy spoken: how to use an >ISP's web proxy and still benefit from the hosts file trick and without >using any 3rd party software? >TIA, >Tony

AFAIK, you can't. Your browser is directly routing all traffic requests to the proxy; in a sense, your DNS system isn't even there. When using a remote proxy your system is effectively operating as a mere terminal. There are ways of chaining proxies, which might work. Using a local proxy like Proxomitron or WebWasher, and the corresponding 127.0.0.1 setting in your browser, will direct all HTTP (and, in the case of Proxo with the SSL option, all HTTPS) requests through the local proxy before passing them to the external proxy, and vice-versa for incoming traffic. There are other proxies that will handle all types of traffic, if you plan on using the remote proxy for FTP and whatnot as well. This will give DNSKong (and, it *SHOULD* give HOSTS) a chance to work locally before passing any requests to the proxy outside your network.

Of course, you can just use DNSKong and obviate the need for a HOSTS file altogether. Don't get too stuck on the idea of using HOSTS. The thing is, DNSKong was developed as a way to streamline HOSTS; take a look at a HOSTS file and look at all the redundancy. With current HOSTS files reaching upwards of 450k, that means your system is searching through 450k of data strings for each and every DNS lookup. Typical webpages may contain dozens of redirects, web bugs, and ad links. Worse still, with HOSTS, they have to be an exact match (i.e. a fully-qualified domain name) in order for HOSTS to block them. With DNSKong, you only need a basic subcomponent of a domain name to block one. For example, putting "akamaitechnologies" just once in your named.txt file will block any of the 10,000 or so domain names containing "akamaitechnologies".

Spong