Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'possible security risk' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
possible security risk
Authored by: hayne on Nov 15, '05 09:03:55AM

I would like to point out that it is a possible security risk to install an /etc/hosts file that you download from somewhere unless you are careful to look at the contents of that file to be sure that it is only doing what it advertises.
For example, a malicious person could provide an /etc/hosts file that effectively redirected your banking inquiries to a different site of their making. Or that made Software Update connect to their site instead of Apple. Etc.

I would recommend using something like "Privoxy" (http://www.privoxy.org) instead of munging /etc/hosts. It is a more precise tool.



[ Reply to This | # ]
possible security risk
Authored by: Code Masseur on Nov 16, '05 01:11:02PM
Hayne wrote:
I would like to point out that it is a possible security risk to install an /etc/hosts file that you download from somewhere unless you are careful to look at the contents of that file to be sure that it is only doing what it advertises.

Excellent point! But you can use the shell to easily confirm that no rogue entries exist in /etc/hosts.

The following shell command will display any lines in /etc/hosts which do not start with sites which point to either 127.0.0.1, 0.0.0.0 or start with a comment.

grep -v "^127.0.0.1|^0.0.0.0|^#.*" /etc/hosts | more

If any lines are output, you can easily check to see if they are valid or rogue entries.



[ Reply to This | # ]
possible security risk
Authored by: markoz on Sep 01, '12 10:08:29PM
This worked for me:

grep -v -e "^127.0.0.1" -e "^0.0.0.0" -e "^#" -e "^\s*$"

[ Reply to This | # ]