Download FirefoxKev's PlaceDownload Firefox

HomeMy WorldDownloadsLinksFAQ'sContact Kev

Using a Hosts File

We have all had an attack of spyware/adware and viruses at various times and have found some to be very difficult to remove. Whilst not being the "magic bullet" a "hosts" file can certainly help in the battle. A "hosts" file can be made by yourself using nothing more than Notepad (and a fair amount of time to spend). A better way is to obtain an existing "hosts" file from a reliable source. I get mine (and it's regularly updated) from a Microsoft MVP here.

NOTE: The file is simply called "HOSTS" with no extension.

Okay! I hear you already - what exactly is a "hosts" file? A "hosts" file is simply a text file that resides in your Windows system folder (more on this a little later). The way it works is that every time Windows starts a DNS request (read - get something from the Internet) it first reads the contents of your "hosts" file. If the address you are trying to connect to is listed in the "hosts" file it is redirected to the IP listed there. The "hosts" file is loaded into memory when Windows boots up and is instantly available to the system.

The format of the file is as follows:

127.0.0.1 localhost <------ This entry MUST be the first!
127.0.0.1 www.bugsville.com
127.0.0.1 www.adcity.com
127.0.0.1 www.......... etc

As you can see the first number is the "localhost" (your computer) that has an IP of 127.0.0.1 (always and in all Windows systems). This is followed by a space and then the URL of the site you wish to block. So when you send a request for "www.bugsville.com" Windows automatically redirects it back to the local machine, where, of course, it finds nothing. This behaviour is a feature of Windows that is often overlooked but is a VERY powerful tool. Not only does it prevent your system from going anywhere near the suspect web site, it also works in reverse - prevents any parasite that does enter your system from "phoning home" (which is what most spyware/adware is designed to do).

The only exception to using 127.0.0.1 is if you run a webserver that uses "localhost" for access and administration from the local machine (as I do). In this event you can replace 127.0.0.1 with 0.0.0.0 (except for the frst entry which MUST be 127.0.0.1). The reason for the change should be fairly obvious - when the "hosts" file redirects you will get parts of your website (running on your webserver) mixing with external pages. The object of the redirect is to send the browser/program/link to a harmless (and invisible) address.

Okay, I hear you say, where do I put it? This depends on what version of Windows you are using. The following is a list of the file locations for it (quoted from the link I gave earlier):

Windows XP/Vista = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
Win 98/ME = C:\WINDOWS

Windows automatically checks for the existance of a "hosts" file so you only have to put it in the right place and Windows will do the rest. Not only does it block spyware/adware but it also blocks a lot of advertising. You can block ANYTHING with the "hosts" file - but be a little cautious or you may find you can't access sites that you want to access. If you do make alterations to the "hosts" file they won't be active until you reboot.

REMEMBER: Adware/spyware/viruses can't infect you if they can't get in in the first place!!! I believe that this is the most compelling reason to have an updated "hosts" file in place. Try it and you will see the huge difference it makes to your system (and to your web experience).

Another use for the "hosts" file has come to my attention. Not only can it be used to block sites, it can be used to speed up your internet browsing. When you click on a hyperlink (be it from Favorites or any other source) Windows needs to first obtain the IP address of the site. So, it connects to a DNS server first to get that information. Depending on a number of factors this can take some time and this is where the "hosts" file comes in.

If you add entries to the "hosts" file for your more commonly used sites then Windows doesn't need to access a DNS server to resolve the domain name, saving you a lot of time and reducing the amount of "lag" between clicking on the link and actually connecting to the site. The entries in your "hosts" file would look like this:

65.197.137.25 forums.thetechstop.com
64.4.52.254 support.microsoft.com
etc.......

As you can see, instead of using it to block a website we have used it to supply the actual IP address of the site required. So when you go to, for example, "forums.thetechguys.com" Windows first looks at the "hosts" file. If the site you wanted is listed there then Windows redirects to the listed IP (bypassing the DNS server).

I have tested the above and found it very noticably decreases the amount of time it takes to get to the listed site. Obviously, you need to find the IP address of the site you want to add. This can be done very simply by using one of the many "lookup" services available on the net. I found (and use) this site to do the lookup for me. When you use the conversion site remember that you only need to supply the base URL - for instance, the URL for MS Knowledge Base Advanced Search is "http://support.microsoft.com/search/?adv=1&spid=global". To obtain the needed IP you would only use "support.microsoft.com" which translates to "64.4.52.254" (as shown in my example entry above).

Try the above for yourself - I think you will be very pleasantly surprised at the time it saves you. Remember to reboot after making changes to the "hosts" file as the changes won't be available until the system reloads it.

I am quite happy to answer questions about the "hosts" file at any time and I hope this has increased your knowledge of how things work.

Back to Tutorials
Kev Tankard 2006

Want to host your own website?
Get your free webserver here.

Abyss Web Server