0
Completat

Automatic updating of Hosts file

Anònim fa 10 anys updated by RaMMicHaeL fa 10 anys 2
Because it automatically changes the Hosts file, I presumably have to keep the option which prevents external programs changing this in my AV (WebrootSecureAnywhere) permanently unchecked which raises a risk? It would be better if one could be notified of updates, so that this option could be unchecked only when required.

Answer

Answer
Completat
Update: I think all questions were answered. Marking as completed.

Here's how Unchecky works with regards to the hosts file:
  • When the Unchecky service is started, Unchecky adds a block with hosts file rules, marked with special comments.
  • When the service is ended, Unchecky removes that block.
When Unchecky is updated, the new version of the service writes new hosts file rules.

Now for your question: should you disable the hosts file protection of your AV?
Disabling it is not a good idea, as the hosts file can be modified by malicious programs. A better idea is adding the Unchecky service to the AV's white list, so that it won't complain about Unchecky modifying the hosts file. If your AV doesn't provide such feature, you might want to contact your AV author and request it.
Under review
Here's how Unchecky works with regards to the hosts file:
  • When the Unchecky service is started, Unchecky adds a block with hosts file rules, marked with special comments.
  • When the service is ended, Unchecky removes that block.
When Unchecky is updated, the new version of the service writes new hosts file rules.

Now for your question: should you disable the hosts file protection of your AV?
Disabling it is not a good idea, as the hosts file can be modified by malicious programs. A better idea is adding the Unchecky service to the AV's white list, so that it won't complain about Unchecky modifying the hosts file. If your AV doesn't provide such feature, you might want to contact your AV author and request it.
Thanks RaMMichael!
I suspect whitelisting the Unchecky service in my AV won't override the host file update prevention option.
Would it be possible to provide an option for a notification when Unchecky is updated, as opposed to 'silent' update? This would allow me manually uncheck the host file update prevention option in the AV, then stop and restart the Unchecky service to allow the update of the hosts file ...


The hosts file is not only modified when Unchecky is updated. When you shut down your PC, the Unchecky service shuts down, and removes its entries. When the PC is started, the Unchecky service is started as well, and it writes its entries.

In my opinion, whitelisting Unchecky is a more correct and straightforward solution.
I had queried whether the whitelist option would work on the Webroot Community Forum. The product manager responded that the hosts file protection was part of the core shield and would be unaffected by whitelisting ... I guess I'll just have to keep tabs on the Unchecky changelog!
Here's what you can do:
Open your hosts file, copy the entries of Unchecky, disable hosts file rules in Unchecky (in advanced settings), and then add those entries manually.
Answer
Completat
Update: I think all questions were answered. Marking as completed.

Here's how Unchecky works with regards to the hosts file:
  • When the Unchecky service is started, Unchecky adds a block with hosts file rules, marked with special comments.
  • When the service is ended, Unchecky removes that block.
When Unchecky is updated, the new version of the service writes new hosts file rules.

Now for your question: should you disable the hosts file protection of your AV?
Disabling it is not a good idea, as the hosts file can be modified by malicious programs. A better idea is adding the Unchecky service to the AV's white list, so that it won't complain about Unchecky modifying the hosts file. If your AV doesn't provide such feature, you might want to contact your AV author and request it.