How to fully block a domain using the Hosts file


If I want to block a domain e.g. foobar.com using the host file, I understand from another thread that I can't use wildcards to cover all versions of the domain but have to list each version separately.

That being so, what are all the possible versions I would have to list in order to fully block the domain? For example:

http: with/without doubleyou,doubleyou,doubleyou

doubleyou,doubleyou,doubleyou (without http)

https:

http://foobar.com

ftp

etc

What is the definitive full list? What other types need to be covered? Are some types as listed duplicates (in terms of how the host file interprets them) such as http: with doubleyou,doubleyou,doubleyou ….. and doubleyou,doubleyou,doubleyou……

(Sorry about the doubleyou,doubleyou,doubleyou but if I write them normally, the editor insists they are actual links and disallows them unless I "wrap them in a code block" whatever that is).

Best Answer

I assume that by hosts file you mean /etc/hosts or its OS-specific equivalent; if not, my answer won't be of any value.

First, you're lucky, as it doesn't care (or, correctly, know) anything about protocols. The hosts file is only about hostnames (or domains).

Second, you're out of luck. There is no way to retrieve all existing hosts under a specific domain. In fact, the names could even be dynamic, and don't need to exist before being queried.

To block anything behind example.com., you have two options:

  1. Run your own local DNS server, with a record for *.foobar.com., and recursing everything else to the real DNS.

  2. Sniff DNS traffic, grep every request for foobar.com., and dynamically add all labels found that way to your hosts file. This will only take effect after some time, so it's not bulletproof, and will be damn hard to do correctly.

2.) is bullshit.

1.) is the way to do it. It's the way everyone in need uses.

Running your own DNS isn't rocket science, and there are lots of friendly resources on the net. Try googling for "bind howto".

But, take a minute and reconsider your goals.

If you want to forbid some program to phone home, a moderate amount of traffic sniffing will probably reveal any hostnames it uses, and you can put them into your hosts file manually.

On the other hand, if you want to prevent users (humans) watching youporn, don't bother, they are probably smarter than you, and will circumvent your actions faster than you can deploy them.
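
The difference between the hosts file and option 1 in the answer above, as an added example that is not part of the original post: a Python model of the exact-name match a hosts file gives versus the apex-plus-subdomain match a local DNS zone for foobar.com gives. The hosts entries, query names and function names are constructed for illustration.

```python
# Added example: constructed hosts content and query names, not from the original post.
HOSTS_TEXT = """\
127.0.0.1   localhost
# block foobar.com (constructed sample entries)
0.0.0.0     foobar.com www.foobar.com
0.0.0.0     *.foobar.com      # a wildcard here is just a literal name, never expanded
"""

def normalize(name):
    """Lower-case and drop the trailing root dot so 'Foobar.COM.' == 'foobar.com'."""
    return name.strip().lower().rstrip(".")

def parse_hosts(text):
    """Return the set of hostnames listed in hosts-file text (comments stripped)."""
    names = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:  # first field is the address, the rest are names
            names.update(normalize(n) for n in fields[1:])
    return names

def blocked_by_hosts(name, hosts_names):
    """Model of a hosts lookup: exact match on the whole hostname, no protocol involved."""
    return normalize(name) in hosts_names

def blocked_by_zone(name, zone):
    """Model of a local DNS zone override: the zone apex and everything below it,
    compared on label boundaries so 'notfoobar.com' is not caught."""
    name, zone = normalize(name), normalize(zone)
    return name == zone or name.endswith("." + zone)

def compare(queries, hosts_text=HOSTS_TEXT, zone="foobar.com"):
    """Return {query: (hosts_blocks, zone_blocks)} for each query name."""
    hosts_names = parse_hosts(hosts_text)
    return {q: (blocked_by_hosts(q, hosts_names), blocked_by_zone(q, zone))
            for q in queries}

if __name__ == "__main__":
    sample = ["foobar.com", "WWW.foobar.com.", "cdn.foobar.com",
              "a.b.foobar.com", "notfoobar.com"]
    for q, (h, z) in compare(sample).items():
        print(f"{q:20} hosts={h!s:5} local-dns-zone={z}")
```

Names the hosts file does not list, such as cdn.foobar.com, still resolve normally; only the zone-level match covers them.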
