Today's lesson is about the Hosts file.
As you may know, computers on the Internet doesn't "talk" to each other using domain names such as "madridman.com". They use numeric addresses called "IP addresses". They look like "192.168.0.0". Thus, whenever you type an Internet "name", your computer looks up its correspondent IP address which is then used to send/receive data.
The hosts file could be seen as a phonebook. In each line of this file there is an IP address and its correspondent host name. The same way your phonebook has names and telephone numbers. In the host file, they are listed the other way round (ie, number first, then name). For instance:
# This is a maked-up entry
192.168.3.6
www.whatever.com Where is the trick and what the heck has this to do with security?. Well, there are many malicious websites around nowadays. Some of them will hijack your browser changing the settings so that your are forced to visit them or you are redirected to the websites they want. Some others may even download software secretly to your computer and arrange things so it gets executed (trojans, dialers, etc). Some other will "just" show hundreds of ads (popups, popunders, etc).
You'd think that the safest thing to do would be not to visit them at all. Well, this is where the host file comes into play. The trick is to fool the browser to make it belive the webpage you want to visit is in your computer. There is an special IP address (127.0.0.1) called the "localhost". That address always refers to your own machine and is mainly used for testing purposes. Let's see it with an example:
# The following site is dangerous or show us lots of ads
127.0.0.1
www.dangerous.com As simple as adding this line (the one beginning with # is just a comment). Now, whenever your computer tries to access
www.dangerous.com, Windows will "translate" that to "127.0.0.1" and it will try to connect to that address to show the webpage. However, there isn't such page at that address (remember that 127.0.0.1 means your own computer!!). Thus, instead of wasting time and bandwidth it will just show an error message "404: File not found".
Now that you've learnt how it works, you may be wondering where you can get a list of webservers it's better not to visit. That's easy. A guy at Smartin Designs maintains a list of such servers. You just go there, download the file and copy it to your Windows folder. That's it. There's nothing else to do to make it work.
Note that the list is updated every three months or so. You can subscribe to a mailing list to get notice of a new version of the file.
¡VERY IMPORTANT!: If you use Windows 2000/XP, you have to copy the file in a different folder (WinNT\etc32). Also, there is a bug that slows down the system when using a large host file so don't use it without reading and doing this article.