- Worldstart's Tech Tips Newsletter - http://www.worldstart.com -
Posted By On February 9, 2006 @ 3:43 PM In Security Help | Comments Disabled
If successful at infiltrating your system, viruses and other malicious code will use a common procedure in which they write entries into a special file called the Hosts file. By putting these special entry lists into the Hosts file, attackers attempt to accomplish one of following two things:
1) Viruses will put entries into your Hosts file to stop you from having any contact with any antivirus protection’s domain (i.e. Nslookup  from a command prompt.
That’s it. You just created your first Hosts file entry. Now, open up a browser and attempt to connect to worldstart.com. If it worked, then pat yourself on the back, you just added an entry to the Hosts file.
Using Your Hosts File for Defense and Security:
In addition to using your Hosts files to setup better connections to popular sites, you can also set your Hosts file to associate the industry’s most well known troublemaking host names with internal addresses. Doing this stops third party Internet parasites and banner ads from accessing the Web. You can do this by associating these host names with an internal address such as 127.0.0.1. Associating the name with this address causes the service to never leave the local system, but rather loop back to the system, thus never contacting the mother ship.
This is great Chad, but what am I supposed to do? Go out and create an entire list of malicious sites on the Web and manually enter them in the Hosts files? Yes, but don’t worry, Chad’s got you covered with an easier solution. There are some really great sites on the Web that create these huge Hosts lists of known online pests and puts them in a batch file. The list is huge. It looks like Santa’s bad list or something. But all the entries come together in a batch file, so all you have to do is double-click on it and it will create all the entries for you. This list has the majority of shady, spying sites on the Web listed in their downloadable Hosts files. The list updates regularly, so if another nasty site becomes known, it will be put on the list and they will notify you of any changes via e-mail once you have signed up for the service.
Well that’s pretty much it, but here are a couple of notes you might want to keep in mind:
1) Sometimes if the Hosts files gets too big, 135kb in Windows 2000, XP, the connection can get slow (Windows 98 and Me are unaffected).
· Start, Run, type in “services.msc” (no quotes).
· Scroll down to “DNS Client,” right-click and select Properties.
· Click the drop-down arrow for “Startup type.“
· Select Manual, click Apply/OK and restart.
2) If you are starting to have problems when you attempt to connect to a site online, you may want to go through the Hosts file and do a search for site (cntrl+F) to see if it is in the list. Then it’s up to you to continue to block the address or assign the correct one.
3) If your Internet connection implements a Proxy server, you may want to use the method listed below to work around it.
· In IE, go to Internet Options, Connections tab and choose your connection.
Make sure the box called “bypass proxy for local address” is checked.
Example: click the LAN Settings button, select Proxy Server.
“Bypass proxy server for local addresses,” click the advanced button.
Add 127.0.0.1, click OK, OK.
That should do it. You now have everything you need to edit your Hosts file and hopefully you should see some improvements in your online experience with better security. Hope it helps. Until next week, stay safe out there.
Install here: http://www.mvps.org/winhelp2002/hosts.zip
Here is a great site for Hosts files: http://www.mvps.org/winhelp2002/hosts.htm
Article printed from Worldstart's Tech Tips Newsletter: http://www.worldstart.com
URL to article: http://www.worldstart.com/hosts-file/
URLs in this post:
 Nslookup: http://www.worldstart.com/tips/tips.php/393