Using /etc/hosts and /etc/hosts.deny from Ultimate-Hosts-Blacklist in Github

Hi everybody!

I’ve downloaded two lists from GitHub - Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist: The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware. to experiment with.
‘hosts*’ has ~630K domain names redirected to, and hosts*.deny lists 140K IP adresses.
host* first few lines:

hosts*.deny (without comment lines):


I’ve copied the one and only line (besides comments) from the original deny file to /etc/hosts.deny, at the top:

http-rman : ALL EXCEPT LOCAL

### The Ultimate hosts.deny for Linux / Unix based operating Systems
### Copyright (c) 2017, 2018, 2019, 2020, 2021, 2022 Ultimate Hosts Blacklist - @Ultimate-Hosts-Blacklist
### Copyright (c) 2017, 2018, 2019, 2020, 2021, 2022 Mitchell Krog - @mitchellkrogza
### Copyright (c) 2017, 2018, 2019, 2020, 2021, 2022 Nissar Chababy - @funilrys
### Repo Url:

I haven’t noticed any difference either in boot or browser start times nor in usage (perhaps my browsing habits are too circumspect :slight_smile:).

There’s also a superhosts.deny file with 770K+ entries (!), that can be appended to \etc\hosts.deny.

Does anyone have experience with these?
Also, should it be OK to append the hosts* file (640K+ lines) to /etc/hosts or it might impact performance?


Apparently the hosts.deny list blocked kdeconnect. I had to revert the changes and reboot both the computer and the phone. :roll_eyes:
This is weird, as the phone IP is local, not on the list. What happened?

Another curious consequence: I’m using barrier (fork from synergy) to share mouse and kbd between computers. Both barrier and synergy appear to have a race condition that makes the server unable to connect at boot, and display a “couldn’t connect” dialog message. After closing the dialog box it connects OK.
Well, with the ultimate hosts.deny in place the server connects right after boot, no dialog message at all. That makes no sense to me.