When you’re blocked from visiting a known-good website, it could be your own system being over-protective.
Some protective applications use a special Windows file called ‘hosts’ to intentionally prevent the computer user from browsing to certain Web sites. This is achieved by inserting a special command line into the Hosts file that specifies that if any attempt is made to browse to a nominated Web address (e.g. BadHacker.com), the browser should be redirected to another URL or simply fail. Such a command when placed into the hosts file might look like this:
127.0.0.1 clickbank.net # This is a comment.
That line of script simply means that any attempt to browse to ClickBank.net should be redirected to the IP address 127.0.0.1. Optionally, any random comment can be placed after a hash sign.
127.0.0.1 is the standard IP address used for a “loopback network connection”, which basically means that if you try to connect to the IP address 127.0.0.1 you are immediately looped back to your own computer. In other words, the browsing request goes nowhere.
Some applications that use this ban-list technique will write literally thousands of “prohibited” URL entries to the Hosts file. Many people swear by this technique to protect them from malicious websites, but I have two problems with it:
- Very, very few average computer users are aware of it and are thus understandably confused and frustrated when they fail to connect to a website that they know exists and with which their friends and associates experience no problem.
- Who decides on the selection criteria for determining which URLs should be included in the “prohibited” list? The desirability of avoiding certain sites is clear-cut; if a site is well known as a source of malware or obnoxious content then its inclusion is clearly justified. But there are certain Web sites often included in these large ban-lists that are, to my mind, impossible to justify with any degree of logic or common-sense.
One site often included in these “ban” lists is ClickBank.com. Here is some information about ClickBank from their own website:
ClickBank is the world’s largest online retailer for those engaged in developing, selling and promoting digitally downloaded products and services. They process in the vicinity of 25,000 transactions daily from around the world and have 110,000 active affiliates. The company functions as a virtual business network facilitating the interactions and transactions between buyers, sellers and affiliates while providing guaranteed tracking of sales, state-of-the-art fraud protection and a totally secure platform.
The vast majority of the copies of my popular security e-book The Hacker’s Nightmare have been sold using ClickBank as the payment processor since 2004.
The problem regarding whether an inclusion is justified or not stems from the fact that most of these “ban” lists are compiled by hard-core geeks, a class of Internet user often associated with an anti-commerce stance. One provider of such a list, hosts-file.net, justifies the banning of ClickBank (which it classifies as an “FSA” site) as follows:
FSA – sites engaged in the selling or distribution of bogus or fraudulent applications. This classification is assigned to site’s being used for the distribution of ‘rogue’ security or other such applications, for example: SpyHunter, SpyFalcon, SpywareQuake, AdwareAlert, etc.
So apparently the list compilers want ClickBank to assume responsibility for thoroughly vetting all 35,000+ products offered through its marketplace. Whether you think that’s reasonable or not is besides the point. ClickBank is not itself a harmful site, and the most significant effect of its inclusion on such lists is to cause confusion and frustration to many computer users, and a completely unnecessary flood of support e-mails and phone calls as they try to get to the bottom of the problem.
In defending this position I’ve been accused in at least one discussion forum of calling the layer of protection offered by these lists as “silly”. That is not, nor has it ever been, my opinion. The judicious use of the Hosts file to protect computer users from known malicious websites is both valid and useful. But what is silly and harmful is the inclusion of websites like ClickBank which are clearly not malicious in any way. If you are going to use one of these lists you must at all times remain conscious of the fact that it is in play, so you know that a close inspection of the Hosts file should be your first action in the event of failure to contact a known-good website.
In a standard Windows installation the hosts file can be found in this location:
C:\WINDOWS\system32\drivers\etc
It is a plain text file simply called hosts and has no extension to the filename.
{ 4 comments… read them below or add one }
Bill,
Apologies first of all, for not getting back to you sooner on this (actually only just found your write-up a few minutes ago).
As far as clickbank.net and others like them go, since users tend to trust that what goes through them – is trustworthy, they are indeed responsible for what goes through their sites. Just as you’d expect any other company to be responsible for it’s services. To not hold clickbank responsible is abhorant. They have for many years, made money indirectly from allowing scammers to use their service, and indeed, very rarely, if ever, tend to disable those reported to them.
As an aside, on the subject of the HOSTS file location, whilst you mention the NT (2000, XP, Vista etc) location, many are still using alternate systems. As such, the locations of the HOSTS files on the various systems are;
Windows XP/2003/Vista/2008
C:\Windows\System32\Drivers\Etc
Windows NT/2000
C:\Winnt\System32\Drivers\Etc
Windows 95/98/Me
C:\Windows
Linux/Unix/Mac
/etc/hosts
Steven, no crystal ball needed to predict that we are never going to see eye to eye on this point. As the administrator of a site that provides a hosts file block-list, you have your own reasons for including ClickBank.net.
We’ll never reach agreement because we are each approaching the issue from two entirely different directions.
While I personally disagree with your position that ClickBank is inherently untrustworthy, that’s a matter of personal interpretation to which you are entitled. I can see your point to a degree, but I think you’re being too hard-line with your conclusion.
My argument is that ClickBank is too big and too important to too many people to just to block it in such an arbitrary manner. Because of its popularity, importance and global reach, arbitrary blocking without explanation or comment has the potential to create problems and frustration for the 99.9% of PC users who have no idea what or where a hosts file is. This inconvenience is not, in my opinion, offset by the protection provided.
If the hosts file was more flexible and provided the option to pop up a warning that some of the available downloads may be dangerous, that would be a different story. But with hosts it’s simply a brute force and unexplained block. Some of the anti-malware browser toolbars can do it better by providing a warning with explanation, and leaving the final decision to the user.
ClickBank is simply a payment processor; they are not a repository for downloadable files, malicious or otherwise. On the World Wide Web there are all sorts of traps for the unwary, the danger of downloading a rogue product being just one. And that’s just one of the many dangerous devices that I attempt to educate people against in my books and articles.
I have no idea how many transactions ClickBank processes in a year, but it’s certainly in the many, many millions. If you could successfully block access to ClickBank across-the-board there would be complete and utter chaos.
Thanks for pointing out the other locations for the hosts file, though from a security perspective most people still using old, un-supported versions of Windows have a lot more to worry about.
Bill,
I actually agree that clickbank themselves are not 100% to blame, it’s their complete lack of action I have a problem with. If they started listening to abuse reports, and disabling those customers using their services to peddle rogues and whatnot, very few would give them the poor reputation they have at present.
As an aside, I do agree that their homepage should not be blocked. As such, I’ve removed both clickbank.net and clickbank.com from the database (this will be reflected in the file itself on the next update)
Steven, on behalf of millions of novice Web users and thousands of frustrated support people, I thank you.
While I appreciate that there is a certain amount of “bad” associated with ClickBank, it's refreshing to see someone who has influence keeping an open mind and being prepared to reassess an adopted position for the greater good.
To anyone who has experienced the problem of being unable to access such high-traffic sites as ClickBank because of entries in a hosts file block list, try referring the list compiler to this blog post.
Steven Burn's site is at http://hosts-file.net. If you decide to use his list, at least you know you're dealing with someone who will listen to you, unlike many who seem to view flexibility as a weakness.