Modify Your Hosts File to Block Malware

Modify Your Hosts File to Block Malware |

Modify Your Hosts File to Block Malware

by Dave on July 1, 2008

malwareMalware is a huge problem.

By now, most of us know what spyware is and what it can do to your computer. If your PC is connected to the Internet, chances are you have some form of spyware. It attaches to your PC as you casually roam websites or download files. But you can be proactive and block some of the known malware websites by altering your hosts file in Windows.

Your computer uses the hosts file to help speed up domain name resolution. Before your computer goes out on the Internet to resolve an IP address to a website name, it checks the hosts file to see if there is already an entry there. If there is, it doesn’t need to go out to the DNS server and resolve the address. In theory, this helps to speed up web browsing. But you can also manipulate the hosts file to block known bad sites by pointing the domain name to a different IP address, such as your local machine 127.0.0.1.

For example, let’s say site abcdefg.com is a known malware site and it has an ip address of 68.23.5.x. We can go into our hosts file and say that 127.0.0.1 is the IP address of abcdefg.com. So when you type that name into your web browser, nothing happens because your browser thinks the IP address for abcdefg.com is your PC.

So how do you motify the hosts file? There are several ways. You can use a program such as Spybot Search and Destroy, which has a Immunize feature that modifies your hosts files when you initiate that feature. Or you can do it manually by obtaining hosts files from sites that frequently update them. One such site is SomeoneWhoCares.org. You’ll notice it is a massive file of known bad websites. Highlight and copy the entire document–credits and all.

Different Operating Systems store this file in different locations:

For Windows 9x and ME: “C:\Windows\hosts”
For NT, Win2K and XP and Vista: “C:\windows\system32\drivers\etc\hosts”
Linux: “/etc/hosts”.

You can open the file with Wordpad, but be sure to keep the name as hosts and do not add an extension, such as hosts.txt or hosts.doc.

Being proactive is necessary to thwart malware or at least slow it down. Since new sites crop up daily, updating your hosts file frequently is necessary. Finding an automatic solution like Spybot is recommended, but you can manage this task yourself if you remember to do it on a consistent basis.

Advertisements

Leave a comment

No comments yet.

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s