Block viruses, ads and spyware using a hosts file
Tuesday, March 15th, 2005Quite a few people ask me what I do to protect my computer from viruses and spyware. I’m saving myself the trouble of having to repeat the same answer to everyone. I’ll just tell them to look it up here from now on.
No form of protection is 100% effective, and what works today may not work as well tomorrow. Virus scanners that load, update and scan automatically are a good idea in theory, but in practice they slow down the computer too much for my liking. Maybe in the future when we have processors with 64 cores sitting on our desks, we’ll be able to dedicate some of them for the purpose of virus scanning. But for now we want a lighter solution.
Using safer browsers helps, but I don’t think that safety net will last very long as their market share continues to rise. The chain is only as strong as its weakest link.
Where do viruses and other annoyances come from? Surely not from a site with any kind of reputation to uphold. They’re served from ad servers and other rogue sites that you’d never even want to visit. You probably don’t visit most of them by typing them in your address bar. But they still bombard you in the form of banner and popup ads, javascript includes i.e. “Click here to download” served from other websites.
Wouldn’t it be great if there was a blacklist of these rogue sites, and you could tell your computer to never download anything from them? That’s exactly what your hosts file does. It contains a mapping of URL’s to IP addresses (analogous to a phone book mapping names to phone numbers). Adding an entry like:
127.0.0.1 evil-ad-server.com
forces your browser to connect to 127.0.0.1 whenever it sees an address on evil-ad-server.com. 127.0.0.1 is a special IP address that loops a computer back to itself. Any advertising banners, popups, viruses will never be downloaded to your computer, because it never comes in contact with evil-ad-server.com. The entire process is superfast with no CPU overhead and clearly saves bandwidth too, because there is less to download.
There are several sites that offer regularly updated hosts files for download. Each one has their own set of instructions, so make sure to read those carefully before installing.
- Blocking Unwanted Parasites with a Hosts File
- Mike’s Ad Blocking Hosts File
- Windows, Linux, and Mac Hosts File Modifications
Using a hosts file does have some limitations. In terms of effectiveness, a hosts file is only as good as its last update. You need to check for updates manually. Also, a hosts file can only block entire sites, not their subdirectories. For example, if you want to visit randomnewspaper.com but block the ads under the folder randomnewspaper.com/ads, you won’t be able to do it with a hosts file. You will need some other kind of ad blocking tool.
Finally, if a hosts file can be used for good, it can be used for evil too. There are programs that can hijack your hosts file and take you to a rogue site when you intend to visit a trusted one. Imagin what would happen if someone set up a lookalike of your bank’s website. All they have to do is add an entry to your hosts file taking you to the fake site. See how easy it is to give away your banking login details? All three links above tell you how to lock your hosts file to prevent this from happening.
You can now turn off those crappy antivirus programs and firewalls and look forward to using more of your computer’s processing power.
Update
Windows XP users may need to turn off the DNS client service. To do this, go to Run under the start menu and type in “services.msc”. Look for a service called “DNS Client” and right click on it and go to its Properties. Stop the service and change its startup type to “Manual”. This DNS service may sometimes override the hosts file causing it to not work.