If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
(Originally posted to the microsoft.public.windowsxp.admin_security
newsgroup but got no bites there after 4 days.) You can obtain pre-compiled hosts files used to block ad sources, phish sites, malicious sites, or other content (based on an IP name that has to include the hostname in the URL since this is, after all, a *hosts* file). One such pre-compiled hosts file is the one from the MVPs site (http://www.mvps.org/winhelp2002/hosts.htm). However, I'm wondering why the loopback address of 127.0.0.1 (for localhost) was chosen. 127.0.0.1 actually exists since it is the loopback interface defined in your NIC. If you put http://127.0.0.1/ into your web browser, you see it cogitate a couple seconds before erroring. 127.0.0.0 is the default network. Putting http://127.0.0.0/ results in an immediate failure. The web server won't try to connect to a particular host. The idea of using 127.0.0.1 only works if you are NOT running your own web server. If you are then obviously the hosts file that redirects to 127.0.0.1 is trying to connect to your own web server when the intent was to block a connection to the content at the specified host in the URL. This means you could see content from your own web site intermingled with the web page (where you were attempting to block some content or that site using the hosts file). Well, obviously it will take some time to retrieve web pages from your own server. Any local process listening on port 80 would connect to the 127.0.0.1 address you use in the hosts file for redirection (in trying to block content). So why even bother trying to use the loopback IP address? What happens if you have a web server that is local and listening on port 80 (for the HTTP connects)? Why waste time trying to connect to your local web server, if you have one or to even try to connect to one, if the point is to block content? Why not use 127.0.0.0 which results in an instant failure and would never connect to your web server should you ever decide to run one? Or use 127.0.0.254 which is unlikely ever to get used in your internal network path to define a host (but even that takes longer to generate an error than using 127.0.0.0)? Why the focus on using 127.0.0.1 to block content using the hosts file? Why would you want your web browser to even try to find localhost when the point is to always fail in order to block that content? 127.0.0.1 points to a particular diagnostics "host" (localhost). 127.0.0.0 points to the diagnostics "network" so no host would be found nor could one be found. |
Ads |
#2
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
Trolling for bites?
"VanguardLH" wrote in message ... : (Originally posted to the microsoft.public.windowsxp.admin_security : newsgroup but got no bites there after 4 days.) : : You can obtain pre-compiled hosts files used to block ad sources, phish : sites, malicious sites, or other content (based on an IP name that has : to include the hostname in the URL since this is, after all, a *hosts* : file). One such pre-compiled hosts file is the one from the MVPs site : (http://www.mvps.org/winhelp2002/hosts.htm). However, I'm wondering why : the loopback address of 127.0.0.1 (for localhost) was chosen. : : 127.0.0.1 actually exists since it is the loopback interface defined in : your NIC. If you put http://127.0.0.1/ into your web browser, you see : it cogitate a couple seconds before erroring. 127.0.0.0 is the default : network. Putting http://127.0.0.0/ results in an immediate failure. : The web server won't try to connect to a particular host. : : The idea of using 127.0.0.1 only works if you are NOT running your own : web server. If you are then obviously the hosts file that redirects to : 127.0.0.1 is trying to connect to your own web server when the intent : was to block a connection to the content at the specified host in the : URL. This means you could see content from your own web site : intermingled with the web page (where you were attempting to block some : content or that site using the hosts file). Well, obviously it will : take some time to retrieve web pages from your own server. Any local : process listening on port 80 would connect to the 127.0.0.1 address you : use in the hosts file for redirection (in trying to block content). : : So why even bother trying to use the loopback IP address? What happens : if you have a web server that is local and listening on port 80 (for the : HTTP connects)? Why waste time trying to connect to your local web : server, if you have one or to even try to connect to one, if the point : is to block content? Why not use 127.0.0.0 which results in an instant : failure and would never connect to your web server should you ever : decide to run one? Or use 127.0.0.254 which is unlikely ever to get : used in your internal network path to define a host (but even that takes : longer to generate an error than using 127.0.0.0)? : : Why the focus on using 127.0.0.1 to block content using the hosts file? : Why would you want your web browser to even try to find localhost when : the point is to always fail in order to block that content? 127.0.0.1 : points to a particular diagnostics "host" (localhost). 127.0.0.0 points : to the diagnostics "network" so no host would be found nor could one be : found. |
#3
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
From: "VanguardLH"
| (Originally posted to the microsoft.public.windowsxp.admin_security | newsgroup but got no bites there after 4 days.) This is a networking question not an OS question. Try asking in an appropriate TCP/IP networking news group instead. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#4
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
Why use 127.0.0.0 (only in XP and earlier OS's) when you can use '0'?
That's what I use (except for localhost). --- "VanguardLH" wrote in message ... (Originally posted to the microsoft.public.windowsxp.admin_security newsgroup but got no bites there after 4 days.) You can obtain pre-compiled hosts files used to block ad sources, phish sites, malicious sites, or other content (based on an IP name that has to include the hostname in the URL since this is, after all, a *hosts* file). One such pre-compiled hosts file is the one from the MVPs site (http://www.mvps.org/winhelp2002/hosts.htm). However, I'm wondering why the loopback address of 127.0.0.1 (for localhost) was chosen. 127.0.0.1 actually exists since it is the loopback interface defined in your NIC. If you put http://127.0.0.1/ into your web browser, you see it cogitate a couple seconds before erroring. 127.0.0.0 is the default network. Putting http://127.0.0.0/ results in an immediate failure. The web server won't try to connect to a particular host. The idea of using 127.0.0.1 only works if you are NOT running your own web server. If you are then obviously the hosts file that redirects to 127.0.0.1 is trying to connect to your own web server when the intent was to block a connection to the content at the specified host in the URL. This means you could see content from your own web site intermingled with the web page (where you were attempting to block some content or that site using the hosts file). Well, obviously it will take some time to retrieve web pages from your own server. Any local process listening on port 80 would connect to the 127.0.0.1 address you use in the hosts file for redirection (in trying to block content). So why even bother trying to use the loopback IP address? What happens if you have a web server that is local and listening on port 80 (for the HTTP connects)? Why waste time trying to connect to your local web server, if you have one or to even try to connect to one, if the point is to block content? Why not use 127.0.0.0 which results in an instant failure and would never connect to your web server should you ever decide to run one? Or use 127.0.0.254 which is unlikely ever to get used in your internal network path to define a host (but even that takes longer to generate an error than using 127.0.0.0)? Why the focus on using 127.0.0.1 to block content using the hosts file? Why would you want your web browser to even try to find localhost when the point is to always fail in order to block that content? 127.0.0.1 points to a particular diagnostics "host" (localhost). 127.0.0.0 points to the diagnostics "network" so no host would be found nor could one be found. |
#5
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
David H. Lipman wrote:
VanguardLH (Originally posted to the microsoft.public.windowsxp.admin_security newsgroup but got no bites there after 4 days.) This is a networking question not an OS question. Yeah, right, David. Show me any version of Windows that doesn't include networking components in its installation even if the host isn't connected to a network. So how vague or unspecific do I need to be about the networking functions in Windows before it becomes "general" enough for you to post about it here? Have you actually looked at how many topics there are here which are related to networking? How many topics would disappear if your undefined criteria for "OS-only" topics were obeyed? Questions about ..Net, Favorites (in IE), rar files, intermittent connections (because you say networking isn't an OS issue), Outlook, drive/partition configuration for data safety, deleting unnecessary files, anti-virus, e-mail, picture managers, rotated screens, and defragmenting a disk aren't really OS-only topics, are they? But they ARE here. Try asking in an appropriate TCP/IP networking news group instead. So what are those *high-traffic* networking newsgroups to which you refer but failed to mention? I'm not interested in hearing my own echo in a newsgroup devoid of active participation. For your suggestion to be genuine, you should actually mention what are those other newsgroups and only mention those that receive enough traffic to likely result in a response to any post submitted there. |
#6
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
none wrote:
VanguardLH wrote ... ... One such pre-compiled hosts file is the one from the MVPs site (http://www.mvps.org/winhelp2002/hosts.htm). However, I'm wondering why the loopback address of 127.0.0.1 (for localhost) was chosen. Putting http://127.0.0.0/ results in an immediate failure. Why use 127.0.0.0 (only in XP and earlier OS's) when you can use '0'? That's what I use (except for localhost). From RFC 3330: 0.0.0.0/8 - Addresses in this block refer to source hosts on "this" network. Address 0.0.0.0/32 may be used as a source address for this host on this network; other addresses within 0.0.0.0/8 may be used to refer to specified hosts on this network [RFC1700, page 4]. 0.0.0.0 represents "any address". Binding a listening socket to 0.0.0.0 tells the OS to accept connections on any IP address for which the host has bound network adapters. Say your host has 2 network adapters and each has its own IP address. You could bind a socket to either network adapter and connections are accepted only on that adapter for that IP address. However, if you bind a socket to 0.0.0.0 (INADDR_ANY in Winsock) than it binds to both adapters. The result is that the traffic (that you are trying block or nullify) has to go out through the external interface of your network adapter to only come back in (or possibly to another host in your network). I don't want to waste any resources, especially any that is exposed outside my host, on content that I'm trying to nullify. From that same RFC: 127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]. Yep, that's what I want. I don't want any traffic going outside my host (i.e., exposed on the external interface of my network adapter) when I am intending to block that content. There is no reason to spew any traffic outside my network adapter when blocking that content. I want to bottle up the block within my host without generating any traffic outside my network adapter. From what I read, 0.0.0/8 won't do that but 127.0.0/8 will. And to further that, it appears the web browser aborts quicker when I reference the 127.0.0.0 diagnostic network than when I use 127.0.0.1 host in the hosts file. I suspect 127.0.0.1 got used because it designates an internal-only host (localhost). The hosts file, after all, is about identifying hosts, not networks. So using 127.0.0.1 for the host may simply be by convention when used within the hosts file. Also, back then, workstations that used the hosts file (a historical artifact before DNS showed up) were NOT running any servers that were listening on that same host for connections. Many local proxies will use 127.0.0.1, like some older anti-virus software, anti-spam proxies, filter proxies, or just about any process that opens a socket on which it listens. You can run programs on your host that are listening for connections and I don't want any possibility of wasting resources for connections to them when I am blocking content in web pages. The blocked content will be likely using port 80 for the target server. It is possible that I have a web server running on my host (in fact, I recall a minimal web server that did nothing but work with the hosts file to present a placeholder in the web page so you could see the block). It is possible the URL to the blocked content specifies a non-standard port number which could match the listening port for a proxy or server process that I have running on my host. Why waste the resources to create a socket when my intent is to block that content (actually to nullify it as though it was never existed)? Say I'm running SpamPal (I don't anymore but did once). How do e-mail apps use it? By specifying 127.0.0.1 as the IP address for the "server". Say I have SpamPal listen on port 8110. Well, that's not the default of port 80 for HTTP connects but then the URLs for the blocked content can specify a different port. They could even specify port 8110. The hosts file replaces the IP name with the IP address (127.0.0.1) but not the port number so now the blocked content is trying to connect to SpamPal at 127.0.0.1 listening on port 8110. Not likely to happen but why leave open a window of opportunity? 127.0.0.1 is used by LOTS of network-facing software running locally on your host. Just because you don't run a web browser now doesn't mean you might not want to run one later (or some application that acts like a web server, especially those that employ a web-centric UI). Using 127.0.0.1 for blocking content doesn't seem a good choice since it is the same IP address used by many software programs listening for connections on your own host. That I can use 127.0.0.0 doesn't mean that's how it should be done. That it works doesn't mean I should use it. I can use the rounded tip of a butter knife on a screw, too, but it's not the proper tool. There must be some reason why 127.0.0.0 didn't get used for *blocking* content (and without generating any traffic outside the network adapter as would occur when using 0.0.0.0). |
#7
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
From: "VanguardLH"
| David H. Lipman wrote: VanguardLH (Originally posted to the microsoft.public.windowsxp.admin_security newsgroup but got no bites there after 4 days.) This is a networking question not an OS question. | Yeah, right, David. Show me any version of Windows that doesn't include | networking components in its installation even if the host isn't | connected to a network. So how vague or unspecific do I need to be | about the networking functions in Windows before it becomes "general" | enough for you to post about it here? That's just it. It is NOT an OS question but a TCP/IP question and thus should be directed to a TCP/IP spoecific news group. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#8
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
VanguardLH wrote:
Why the focus on using 127.0.0.1 to block content using the hosts file? Why would you want your web browser to even try to find localhost when the point is to always fail in order to block that content? 127.0.0.1 points to a particular diagnostics "host" (localhost). 127.0.0.0 points to the diagnostics "network" so no host would be found nor could one be found. snip various examples That I can use 127.0.0.0 doesn't mean that's how it should be done. That it works doesn't mean I should use it. I can use the rounded tip of a butter knife on a screw, too, but it's not the proper tool. There must be some reason why 127.0.0.0 didn't get used for *blocking* content (and without generating any traffic outside the network adapter as would occur when using 0.0.0.0). The thing is, it's a hosts file, and therefore should only contain host entries - as you so rightly say, 127.0.0.0 is not a host - it's a network address. Unless your intention is to provide routing information you should never specify a network address for a host lookup. I guess it's one of those conventions that accumulate over time, as I don't recall a specific RFC that forbids it. However, there is no reason I can see why you shouldn't redirect unwanted content to 127.0.0.2 or 3 or 4 etc. Alister |
#9
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
Alister wrote:
VanguardLH wrote: Why the focus on using 127.0.0.1 to block content using the hosts file? Why would you want your web browser to even try to find localhost when the point is to always fail in order to block that content? 127.0.0.1 points to a particular diagnostics "host" (localhost). 127.0.0.0 points to the diagnostics "network" so no host would be found nor could one be found. snip various examples That I can use 127.0.0.0 doesn't mean that's how it should be done. That it works doesn't mean I should use it. I can use the rounded tip of a butter knife on a screw, too, but it's not the proper tool. There must be some reason why 127.0.0.0 didn't get used for *blocking* content (and without generating any traffic outside the network adapter as would occur when using 0.0.0.0). The thing is, it's a hosts file, and therefore should only contain host entries - as you so rightly say, 127.0.0.0 is not a host - it's a network address. Unless your intention is to provide routing information you should never specify a network address for a host lookup. I guess it's one of those conventions that accumulate over time, as I don't recall a specific RFC that forbids it. However, there is no reason I can see why you shouldn't redirect unwanted content to 127.0.0.2 or 3 or 4 etc. That's what I figu the hosts file must specify hosts, not networks. I notice that when I specify 127.0.0.x where x = 1 to 254 (so the IP address is for a host), it takes longer for the web browser to abort the connection attempt. You see "Waiting for 127.0.0.x" in the status line (which appears more than long enough to read it). Yet if 127.0.0.0 is used (for the network), the web browser fails instantly (which is desired). Since a web page could have dozens, or more, links to 3rd party content that I am trying to nullify, it would seem faster rejects (literally not trying at all to make the connects) would result in a faster complete time to load (and render) the web page minus all the blocked content. It's possible the instantaneous fail to connect by the web browser won't actually speed up the rendering of a web page where I am trying to nullify (block) some of its content. I haven't tested the time to dowload a web page riddled with content that I want to block to measure the effective reduced load time for the page. Plus I would be testing over an Internet connection which itself has variable delays to deliver the content that I am not blocking, and I don't want to get into installing a web server to run locally without the variable Internet delays. |
#10
|
|||
|
|||
Why is 127.0.0.1 used for hosts file redirects instead of 127.0.0.0?
David H. Lipman wrote:
From: "VanguardLH" | David H. Lipman wrote: VanguardLH (Originally posted to the microsoft.public.windowsxp.admin_security newsgroup but got no bites there after 4 days.) This is a networking question not an OS question. | Yeah, right, David. Show me any version of Windows that doesn't include | networking components in its installation even if the host isn't | connected to a network. So how vague or unspecific do I need to be | about the networking functions in Windows before it becomes "general" | enough for you to post about it here? That's just it. It is NOT an OS question but a TCP/IP question and thus should be directed to a TCP/IP spoecific news group. Please define "OS" (operating system). Windows has long come with LOTS of ancilliary features and programs that are NOT part of just the rawest diminutive code that constitutes an operating system. It's been decades since any OS as delivered was just the OS. Show how any version of Windows, Linux, AIX, HP-UX, Solaris, or any surviving OS to this day is devoid of any networking components. And please do include actual newsgroups to where you think this topic would be more appropriate AND which have *active* participation so I'm not tossing my post into the equivalent of a bit bucket. |
Thread Tools | |
Display Modes | |
|
|