Have you ever been a victim of spywares/trojan horse/viruses and worms? If you ask me, yes I have been and plenty of times. As I did my research on how to stop and defeat them, installing Anti-Virus and Anti-Spyware software(s) might not be enough.

I’ve learned that you can effectively stop them even before you open them. How? Through HOSTS File.

What is a HOSTS File?

According to Wikipedia:

The hosts file is a computer file used to store information on where to find a node on a computer network. This file maps hostnames to IP addresses. The hosts file is used as a supplement to (or instead of) the domain name system on networks of varying sizes. Unlike DNS, the hosts file is under the control of the local computer’s administrator.

What does it do?

The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine. Another feature of the HOSTS file is its ability to block other applications from connecting to the Internet, providing the entry exists.

You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems.

Example – the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? … because in certain cases “Ad Servers” like Doubleclick (and many others) will try to open a separate connection on the webpage you are viewing.

(The article above is an extract from Blocking Unwanted Parasites)

Sound so technical and complicated for you? I have to admit, at first I had difficulty in understanding the concepts and how to apply it as a means of protection. Don’t worry, I will show you later on how you can this apply this on the next discussion. For now, our main concern is the location of the HOSTS file, where can we find it?

Where is it located?

In certain version of Windows Operating system, they are located in different system folders, if you are not using Windows OS, you can also view them at a certain folder. Below are the various locations of the the HOST Files.

Windows NT/2000/XP/2003/Vista: %SystemRoot%/system32/drivers/etc is the default location.
Windows 95/98/Me: %WinDir%
Linux and other Unix-like operating systems: /etc
Mac OS X: /private/etc

If you are confused about the %SystemRoot% and %WinDir% for Windows OS the exact folder location are below:

Windows Vista = C:WINDOWSSYSTEM32DRIVERSETC
Windows XP = C:WINDOWSSYSTEM32DRIVERSETC
Windows 2K = C:WINNTSYSTEM32DRIVERSETC
Win 98/ME = C:WINDOWS

Just look for a file called hosts with no extension and open it using your favorite text editor and viola! You can now modify and add the sites you want to block.

How is it done?

There is no place like 127.0.0.1, that’s what some of them say. But to protect yourself from those online parasites, you need to update your HOSTS file. Open the desired folder (it may differ on different versions of OS, see article above), then open the hosts file with your favorite text editor. On Windows Systems, it may look like this:

Windows Hosts File

Windows Hosts File

Notice there is only one entry “127.0.0.1 localhost” this is the so called loopback entry of your hosts file. It tells your browser to open the loopback address (127.0.0.1) if you type localhost in your address bar. You should give it a try. If you have a local webserver running in your end, the default page in your localhost will be open, if you don’t have one, you will get a failed to connect error. So in short, using  the localhost in the web browser will redirect you to 127.0.0.1 without having to use the IP Address. If you want, you can use the 127.0.0.1 in your browser if you are still not convinced about the redirection.

Local Web Server Default Page

Local Web Server(using XAMPP) Default Page

Blocking a Site

So by now, you have at least an idea on how to use the HOSTS file, how do we block those pesky sites again? Let’s assume that you want to block Google for whatever reason. All you have to do is open your HOSTS file and add another entry to the existing lines. Add:

127.0.0.1          www.google.com

Windows Hosts File blocking Google Site

Windows Hosts File blocking Google Site

After adding that entry, save the hosts file and open your web broser, then type www.google.com on the address bar if you can’t open Google, then you have successfully blocked the site!

Now let’s get into a more serious business, let’s try to block a more troublesome website. The site cracks.am site is the oldest, largest, and best known database of cracks, keygens , patches and serials on the net since 1999. If you visit the site and use their services, they would install programs/trojans without your knowledge. So it’s best not to open the site if you are not protected enough. Just add another entry to your HOSTS file, save and viola! You are now protected from that site. It’s that simple.

How do we know which site to Block?

There are a lot of sites out there offering a lot of services and stuff, but be always wary of the sites you open, some of them tricks you to download files such as screen savers or entice you to download a program to protect your system from spy wares and viruses but in turn they are what they say they protect. So be very careful, I myself have been a victim of such schemes, by the time I realized it, the damage has been done and it’s too late. Below is an updated list of sites to be block using HOSTS file from mvps.org.

HOSTS File with updated entries from MVPS.ORG

HOSTS File with updated entries from MVPS.ORG

For the list of sites to block, I used a list from this site. I like this site, and I constantly visit them for any updates about the list of sites to be blocked. The list of site ranges from cookie trackers, sites that tracks your browsing behaviour, sites that automatically downloads and installs Trojan Horse applications (like screensavers, popup blockers, spyware removers and etc), Ads and other services. Head over to their site and read a few instructions then download and update your HOSTS file and protect yourself from online hi-jackers.

Happy Browsing!

Sources: