Tutorials‎ > ‎

Block Parasites, Adverts And Questionable Websites

posted 30 Sep 2012, 13:03 by Alistair Hamilton   [ updated 10 Sep 2015, 02:14 ]
Block unwanted content
There's a free, simple technique that can aid in the fight against malware infecting your machine. By changing the contents of your 'Hosts' file, your browser (or any other application on your computer) can be prevented from reaching certain websites. If you know that a website is suspect, then make the corresponding entry in your hosts file and you'll get an error message displayed instead.

The technique can be used to block sites your children visit; block 3rd party cookies; unwanted banners; page counters; or stop intrusive adverts from being displayed. It stops malware 'calling home' and has the additional benefit of reducing your broadband usage because the request to download or retrieve content is not sent over the Internet.

The hosts file on you computer is used to list domain names to IP address mappings and is used as part of the process that your browser uses when communicating on the Interent. By default, a hosts file will typically contain entries such as those below:

127.0.0.1 localhost
127.0.1.1 computername

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Aside from these, you can add anything else you like. Indeed, some malware browser hijackers are known to insert their own entries, substituting common websites such as google.com with a mapping to a website of their choosing (usually one that installs other malware on your computer). For this reason, you should always make sure that this file is protected and can only be changed by a user with the necessary permissions.

Before we demonstrate its use, make a backup copy of your hosts file so that you can get back to where you were in case things get messed up. The hosts file on Windows machines is located in the folder C:\Windows\System32\drivers\etc. On Linux based machines you'll find in /etc.

Remember, you need administrative privileges to edit this file. Open your hosts file in your favourite text editor and append at the bottom the following:

82.103.136.226    www.microsoft.com

Once you save the file, try going to www.microsoft.com. What should happen is, rather than going to the Microsoft site, you'll end up being redirected by your hosts file to distrowatch.com (assuming distrowatch.com hasn't changed its IP address since this article was written) from where you'll be able to download and test Linux - you know you want to.

Joking aside, this is exactly the technique that some browser hijackers use to redirect you to much more dangerous content.

Having completed the test, edit your entry so that it reads:

127.0.0.1    www.microsoft.com

This IP address is known as your network card's loopback address. In essence, any calls to this address do not go anywhere. Once you've saved the file, try going to www.microsoft.com again. Your browser should inform you that it cannot find the file or couldn't connect to the server.

This is the technique you are going to use to block access to websites. Put each entry on a separate line and simply assign each website to the loopback address of 127.0.0.1, then save the file.

UPDATE: It is recommended that you use 0.0.0.0 instead of 127.0.0.1. This resolves a slowdown issue that occurs due to a change made by Microsoft to the "TCP loopback interface" in Windows 8.1. Earlier versions of Windows is not affected nor is Linux systems though using 0.0.0.0 on those operating systems doesn't do any harm.

Clearly, continually editing this file when you come across a website you wish to block is very inefficient. If you consider the amount of questionable websites out there, not to mention all those advert serving sites that most companies seem to use these days, it will take you a long time indeed to create the corresponding entries in your hosts file.

Fortunately, there's a quicker way as someone has already done it for you. Head over to http://winhelp2002.mvps.org/hosts.htm from where you'll be able to download a very comprehensive hosts file for free. You'll also find further advice on using your hosts file. The file is updated regularly but you are not stopped from adding your own entries as well.

Remember, this is NOT a substitute for proper security measures. You should still be using anti-malware and anti-virus software. You still need to keep your system up-to-date and excercise due diligence. This is simply another weapon in the armoury to help keep your computing life free of undesirables.