How to fully block a domain using the Hosts file

3

1

If I want to block a domain e.g. foobar.com using the host file, I understand from another thread that I can't use wildcards to cover all versions of the domain but have to list each version separately.

That being so, what are all the possible versions I would have to list in order to fully block the domain? For example:

http: with/without doubleyou,doubleyou,doubleyou

doubleyou,doubleyou,doubleyou (without http)

https:

http://foobar.com

ftp

etc

What is the definitive full list? What other types need to be covered? Are some types as listed duplicates (in terms of how the host file interprets them) such as http: with doubleyou,doubleyou,doubleyou ..... and doubleyou,doubleyou,doubleyou......

(Sorry about the doubleyou,doubleyou,doubleyou but if I write them normally, the editor insists they are actual links and disallows them unless I "wrap them in a code block" whatever that is).

dnaman

Posted 2014-06-30T21:09:11.243

Reputation: 41

Answers

4

I assume that by hosts file you mean /etc/hosts or its OS-specific equivalent; if not, my answer won't be of any value.

First, you're lucky, as it doesn't care (or, correctly, know) anything about protocols. The hosts file is only about hostnames (or domains).

Second, you're out of luck. There is no way to retrieve all existing hosts under a specific domain. In fact, the names could even be dynamic, and don't need to exist before being queried.

To block anything behind example.com., you have two options:

  1. Run your own local DNS server, with a record for *.foobar.com., and recursing everything else to the real DNS.

  2. Sniff on DNS traffic, grep every request for foobar.com., and dynamically add all labels found that way to your hosts file. This will only take effect after some time, so it's not bulletproof, and will be damn hard to do correctly.

2.) is bullshit.

1.) is the way to do it. It's the way everyone in need uses.

Running your own DNS isn't rocket science, and there are lots of friendly resources on the net. Try googling for "bind howto".

But, take a minute and reconsider your goals.

If you want to forbid some program to phone home, a moderate amount of traffic sniffing will probably reveal any hostnames it uses, and you can put them into your hosts file manually.

On the other hand, if you want to prevent users (humans) watching youporn, don't bother, they are probably smarter than you, and will circumvent your actions faster than you can deploy them.

blackhat.blade

Posted 2014-06-30T21:09:11.243

Reputation: 156

Also a good sniffer for this kind of thing is Fiddler. (http://www.telerik.com/fiddler)

– devzero – 2017-03-29T03:50:19.023
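Added example (not part of the original answers): a small Python sketch of why the scheme and "www" variants in the question collapse to plain hostnames, why a hosts file misses unlisted subdomains, and how a resolver zone with an apex record plus a wildcard record matches instead. The sample hosts content and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample hosts file content (not from the original page).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
# block the bare domain and the one subdomain we know about
0.0.0.0     foobar.com www.foobar.com   # trailing comment
"""

def normalize(name):
    """Lower-case a hostname and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")

def hostname_of(target):
    """Reduce a URL or bare name to the hostname the resolver is asked for.
    The scheme (http, https, ftp) never reaches the hosts file."""
    if "://" in target:
        return normalize(urlsplit(target).hostname or "")
    return normalize(target.split("/")[0].split(":")[0])

def parse_hosts(text):
    """Return {hostname: address} using hosts-file rules: '#' starts a
    comment, the first field is the address, every other field is a name."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        for name in fields[1:]:
            table.setdefault(normalize(name), fields[0])
    return table

def hosts_matches(table, target):
    """Hosts-file behaviour: exact hostname match only, no wildcards."""
    return hostname_of(target) in table

def zone_blocks(zone, target):
    """Behaviour of a local zone holding an apex record and a '*' record:
    the domain itself and every name beneath it (assumed setup)."""
    host, zone = hostname_of(target), normalize(zone)
    return host == zone or host.endswith("." + zone)

if __name__ == "__main__":
    table = parse_hosts(SAMPLE_HOSTS)
    for t in ("http://foobar.com", "https://www.foobar.com/x", "ftp://cdn.foobar.com"):
        print(t, hosts_matches(table, t), zone_blocks("foobar.com", t))
```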

1

You answered yourself. You cannot use wildcards according to hosts file specifications.

You might want to try a different and more complex approach if you really need to block a domain in its entirety. E.g. you might want to run your own DNS applying filtering properly.

The cheapest is to use Raspberry Pi hardware to install a DNS service (be sure to run DHCP on Raspy or set your home router accordingly, or use static IPs).

usr-local-ΕΨΗΕΛΩΝ

Posted 2014-06-30T21:09:11.243

Reputation: 3 733

Yes, I do know I can't use wildcards (that's why I said so). Since I only want to block a single domain (for reasons which are private, personal and unrelated to any of the reasons suggested here) it would seem easier to simply add all possible variations on that domain to the hosts file rather than set up dns servers, R-pi's, traffic sniffers etc. As long as I know what possible variations to add (they presumably don't all have to actually exist for that domain). – dnaman – 2014-07-01T00:20:34.010

-2

Might be an old question but clearly still was never answered.

Simple:

127.0.0.1 x.y.z # direct lookup to localhost address

That will block any domain named. It's cheap and dirty but it works, as you are telling your computer that this domain is located at your 'local IP', thus it never does anything but time out.

I use this method to kill seriously sketchy popup websites that most adblock software won't even stop.

sycholic

Posted 2014-06-30T21:09:11.243

Reputation: 1

1 The point of the question was the OP didn't know the full (sub)domain names, so this does not answer the question. – dave_thompson_085 – 2017-03-29T03:58:44.347