Blocking Unwanted Domain Names: Creative Usage of the HOSTs File
In my previous article, I wrote about how to manipulate the host file so that you can locally view your web site long before Internet propagation is complete. There are other creative uses of the hosts file as well. In the previous article, I let you access what you wanted see. In this article, I will reveal how block what you don't want yourself or others to see.
Spyware, Adware, Malware, oh my!
It seems that everyday the creators of malware find ingenious ways to exploit our computers so that they can inject their malicious software and make money. One of those exploits is DNS cache poisoning. In this exploit, they relay false IP address information to DNS servers. That false data propagates to the end-users and gets cached in local DNS servers. In the end, trusted domain names like BankofAmerica.com are pointed to phishing servers.
Fight Back with Hosts File Poisoning
Similarly, the creators of malware poison the hosts file. This is much easier for them to accomplish and the results are almost instantaneous (as we learned in the previous article that DNS propagation takes at least two days). Now, you can fight back using the same methods that they employ. I found a host file on digg.com that blocks the usual online advertisement providers. Basically, it translates the IP address of sites like doubleclick.net (an online legend in annoying advertisements) to 127.0.0.1, which is always the local computer. Since most computers are not web servers and don't open port 80, nothing but an error will display in the advertisement placeholder. Just add '127.0.0.1 DOMAIN_NAME_OF_AD_SERVER' to the bottom of the file to continue the list if you find anymore perpetrator ad servers.
Other Uses
I promised my friend that I would post an article about this. He wants to block certain people (cough! 
cough!) from visiting some of the sites he frequents so they can't keep tabs on him. With the host file, kids can block parents and parents can block kids. It's all fair game right? Say you're a parent who wants an easy and inexpensive way to block access to MySpace. Just put your child on a limited Windows XP user account and add the following lines to the bottom of the host file:
-
127.0.0.1 myspace.com
-
127.0.0.1 www.myspace.com
-
127.0.0.1 collect.myspace.com
-
#Add any other subdomains of MySpace as well. There are like 5 but I cannot remember all of them.
Limited Windows users cannot view or change the host file. This is a relatively foolproof method of site blocking. Not even a web proxy can bypass this!
Caution
As in the previous article, I caution about tampering with the host file. Don't forget about the changes made. You may inadvertently block access to sites you want to see. If all else fails, just restore the hosts file to its original state with one line
-
127.0.0.1 localhost
Remember, it is imperative that this line is present at all times in the hosts file! Happy hacking!
February 18th, 2008 at 10:28 am
you say “Not even a web proxy can bypass this”
you are wrong, very wrong. The proxy will use the DNS that is local to it and not your machines HOSTS file.
BOB.SMITH
February 27th, 2008 at 9:33 am
The MS MVP site has a good “parasite blocker” Hosts file which is quite regualrly updated:
http://www.mvps.org/winhelp2002/hosts.htm