HOSTS file.

Whenever I am asked to work on a PC, the first thing I do – every time – is install a HOSTS file. It’s one of the simplest security measures you can take – just a text file in a folder – and the least well known. Everybody knows about virus scanners, many users know about malware scanners, but very few people know about the HOSTS file.

So let’s start with what a HOSTS file is.

You may already know what a DNS is: for our purposes here, it’s a map that points a domain name to the address of a computer somewhere on the internet. For instance, “google.com” maps to 173.194.64.104. That number, or “i.p. address”, refers to a specific end-point, or node, on the internet. Tables of DNS records are stored on special servers, so when you type “google.com” in your browser, a request is sent out, the i.p.address is returned, the connection is made, and the computer Out There and your computer Right Here begin sharing information, in this example, a web page.

The HOSTS file is the first stop on your browser’s trip. You’ve got one on your computer now: if you have a Windows PC, go to c:\windows\system32\drivers\etc. Open the file in Notepad. What you’ll see – after all the #comments at the beginning – is an i.p.address and domain name, probably this:

127.0.0.1     localhost

Another way that us computer guys say 127.0.0.1 is “home”. (It also goes by the term, “loopback.”)

In short, it’s the i.p.address that your computer uses internally to refer to itself. Your computer’s way of saying, “me.”

What this means is that if you type http://localhost into your browser’s address bar, your browser looks to the local computer for that content. (Unless you have a web server installed, it won’t find anything, but you’re welcome to try.)

Here’s the important part:

Because you provided an i.p.address for the domain, the browser stops looking. It doesn’t go to the internet for the content because the HOSTS file says it’s local. Because there’s nothing there, the request dies.

So?

Let’s pretend, instead of an innocent internet user, you’re a piece of malware, and you need to send the information you’ve collected back to the lair of the evil mastermind. You’re programmed to look for myEvilOverlord.com, which is, unfortunately for you, an entry in our hosts file. You can’t phone home.

Let’s pretend, instead of a piece of malware, you’re a browser add-on, and your job is to pop open advertising windows. You do this by connecting to the server of your Evil Mastermind to determine which gambling or porn sites you’re supposed to load. Unfortunately, again for you, myEvilOverlord.com is blocked. No windows open because you can’t get your instructions and if you do open any, they will be blank.

Isn’t that awesome?

So, that’s all?

That’s all? We’ve blocked malware from transmitting your credit card number and prevented your mother-in-law – who’s checking her email while you’re fixing yourself a stiff drink – from getting a dozen pop-ups for Asian scat and bondage porn, and you say, “that’s all?”

No, as it happens, that’s not all.

You can be a jerk about it.

Go to one of your co-worker’s PCs and put this entry into the HOSTS file:

127.0.0.1     www.facebook.com

I’m sure you could find an interesting i.p.address to plug in. You can repoint a website to ANY i.p.address, though you should note that just because you type in the i.p.address of some objectionable site, doesn’t mean that the site will load. Many times, the domain and the i.p.address are linked on the host: you’ll connect to the server, but it won’t show you anything worthwhile. Might be fun to experiment, though.

But seriously…

Your browsing experience will be, just generally, different. Cleaner for one. Take this LiveJournal blog, for instance:

Those ugly purple blocks are ads. This poor user is browsing the internet without a HOSTS file. Tsk tsk tsk.
This is the same blog, viewed on a PC with a HOSTS file. Look ma, no ads!

Now, there are two warnings I need to offer here.

First, you won’t see ads and much content in the margins of your browsing experience, so you might forward a web page you think is hysterical and get an angry email from your best friend complaining about the porn ads on the page. (Use that as an opportunity to set her up with a HOSTS file.)

Two, many websites track button clicks through ad hosting/tracking services that a full HOSTS file blocks, and if that’s the case you’ll get on the site but won’t be able to navigate. HowStuffWorks.com is that way: if I want to browse the site, I have to disable my HOSTS file. The “sponsored” links in yellow at the top of your Google search? Blocked.

Those are minor issues, though. It’s very worth it for better, faster, and most importantly, safer browsing.

OK, so where do I get one?

Here.

Advertisements
Explore posts in the same categories: Biography-History

One Comment on “HOSTS file.”


  1. […] Technical bits on videography, audio, and the web in general « HOSTS file. […]


Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: