Modify Your Hosts File to Block Malware
by Dave on July 1, 2008
malwareMalware is a huge problem.
By now, most of us know what spyware is and what it can do to your computer. If your PC is connected to the Internet, chances are you have some form of spyware. It attaches to your PC as you casually roam websites or download files. But you can be proactive and block some of the known malware websites by altering your hosts file in Windows.
Your computer uses the hosts file to help speed up domain name resolution. Before your computer goes out on the Internet to resolve an IP address to a website name, it checks the hosts file to see if there is already an entry there. If there is, it doesn’t need to go out to the DNS server and resolve the address. In theory, this helps to speed up web browsing. But you can also manipulate the hosts file to block known bad sites by pointing the domain name to a different IP address, such as your local machine 127.0.0.1.
For example, let’s say site abcdefg.com is a known malware site and it has an ip address of 68.23.5.x. We can go into our hosts file and say that 127.0.0.1 is the IP address of abcdefg.com. So when you type that name into your web browser, nothing happens because your browser thinks the IP address for abcdefg.com is your PC.
So how do you motify the hosts file? There are several ways. You can use a program such as Spybot Search and Destroy, which has a Immunize feature that modifies your hosts files when you initiate that feature. Or you can do it manually by obtaining hosts files from sites that frequently update them. One such site is SomeoneWhoCares.org. You’ll notice it is a massive file of known bad websites. Highlight and copy the entire document–credits and all.
Different Operating Systems store this file in different locations:
For Windows 9x and ME: “C:\Windows\hosts”
For NT, Win2K and XP and Vista: “C:\windows\system32\drivers\etc\hosts”
You can open the file with Wordpad, but be sure to keep the name as hosts and do not add an extension, such as hosts.txt or hosts.doc.
Being proactive is necessary to thwart malware or at least slow it down. Since new sites crop up daily, updating your hosts file frequently is necessary. Finding an automatic solution like Spybot is recommended, but you can manage this task yourself if you remember to do it on a consistent basis.
Leave a comment
No comments yet.