15 Jan

Block Unwanted Internet Traffic with a HOSTS File

One of the most common questions I am asked by my less-than-tech-savvy friends and colleagues  is “How do you keep your computer from getting viruses?”

In reality, there are a lot of things you can do to avoid getting computer viruses. Perhaps the most effective is educating yourself about how viruses are actually spread and changing your browsing habits. Then there is the plethora of other solutions like browser extensions, anti-virus software, firewalls, etc…

But my favorite solution to the anti-virus problem – a solution that I rarely ever hear anyone bring up – is to use a custom HOSTS file. A HOSTS file is a simple text file that already lives on virtually every operating system (from Windows, to Linux to Mac OSX and even Android). This simple file has the power to provide a baseline of protection, completely free of software (ironically most people get viruses from downloading “free” software). Here’s how it works.

What is a HOSTS file?

A HOSTS file is a computer file used by an operating system to map host names (or domain names) to IP addresses. This file originated in the early days of the internet before the Domain Naming System (DNS) to help route traffic on the internet.

Today, the HOSTS file persists and is loaded into the system cache (memory) when it starts up. The file can be edited by the end user to override the mapping of a domain name provided by the DNS server your computer is routing traffic through. It can also be use for creating manual mappings to servers that don’t have domain addresses within DNS.

Example of a HOSTS file entry.

Example of a HOSTS file entry.

How does the HOSTS file protect you?

In laymans’s terms, a properly configured HOSTS file can override and reroute the bad traffic that is attempting to cause harm to your computer to a dead end – rendering the viruses instructions useless (and harmless to your computer). The diagram below explains the process.

hosts2

The Marvelous MVPs HOSTS File!

The first question someone might ask themselves when reading this post is, “How to I implement a HOSTS file?”

It sounds complicated and almost no one can building a database of the countless websites and IP addresses they would like to block (Who has the time!?!). Luckily, some Microsoft MVPs have done the work for you.

This group of MVPs have put together a fairly comprehensive HOSTS file that is regularly updated and it is free for all to take, inspect, modify and apply to their operating systems. In fact, click HERE to open it up as plain text in your browser.

As of this writing, the MVPS HOSTS file contained over 15,500 entries. That’s 15,500 ad servers, 3rd party cookies, web bugs, hijack sites and more blocked effortlessly via a HOSTS file.

Click to Enlarge!

Click to Enlarge!

Why not just use Ad Block?

The benefit of a HOSTS file over an ad block plugin are:

  • HOSTS file applies to all users on a machine.
  • Applies to all internet traffic, not just browser traffic.
  • Applies to all browsers, not just browsers where the ad block plugins are installed.

Installing the MVPs HOSTS File

If you are interested in installing the MVPS HOSTS File I encourage everyone to check out http://winhelp2002.mvps.org/. If you want an extra challenge, try adding your own entries to the file or seeing if you can figure out how to manually apply the file (hint: in Windows Vista and above, you must open your text editor as an administrator before opening the HOSTS file for editing).

Need help? Let us know in the comments.

4 thoughts on “Block Unwanted Internet Traffic with a HOSTS File

  1. Great post Shane! I don’t know why I’ve never considered using the hosts file for filtering out websites. This is an excellent idea.

    I’ve only used the hosts file to connect to a hot contingency site for testing. Because the DNS is set to route to the primary, we modified the hosts file so we could hit the contingency systems.

    • Dean, OpenDNS provides protection in a similar fashion. I use both as a matter of fact. I have OpenDNS plugging into my router to add a layer of protection to anything connected to my home internet connection.

Leave a Reply