By adding entries to the Windows hosts file, you can block access to specific unwanted or known malware-infested websites. Jack Wallen explains how it works.
There are many sites out there that you do not want your employees or your family to see. There are just as many ways to stop those sites from being viewed, from a simple third-party software solution to a hardware proxy. But did you know there is a very simple solution built right into Microsoft Windows that lets you block unwanted sites from being viewed on a Windows 7 PC? That solution is the hosts file.
Simply stated, the Windows hosts file maps IP addresses to human-readable names. This job is normally handled by a Domain Name System (DNS) server, but the hosts file lets you bypass that server (when, say, DNS isn't available). More importantly, Windows checks the hosts file before it asks DNS, so an entry there decides which address a name resolves to on that PC. To this end, a PC can be configured so that it can or cannot reach a specific name. That is what I want to address - the blocking of unwanted addresses in the Windows hosts file.
This blog post is also available in PDF format in a TechRepublic Download. The examples and images used in this blog post are from Windows 7. The hosts file in earlier versions of Windows can be used in a similar fashion, but the configuration may not be exactly the same.
Locating and editing the hosts file
The Windows hosts file is located in C:\Windows\System32\drivers\etc (Figure A). Editing and saving the hosts file requires administrative rights. Even if a user is logged into an account without administrative privileges, this can be overcome by following these steps:
1. Click on Start | All Programs | Accessories
2. Right-click Notepad
3. Select Run as Administrator
4. Click Yes on the popup window
Figure A: Location of hosts file
Now that Notepad is opened with administrative rights, the hosts file can be opened and edited.
There could be one last hiccup in the saving of the hosts file - the hosts file could be set to read-only. If this is the case, that file cannot be edited and saved. To get around this, follow these steps:
1. Right-click the hosts file from within Windows Explorer
2. Select Properties
3. Uncheck Read-only (Figure B)
4. Click Yes in the UAC (if prompted)
5. Click OK in the Properties window to complete the process
Figure B: Uncheck read only if it is checked
Format of the hosts file
The format of the entries in the hosts file looks like this (Figure C):
IP_ADDRESS domain name
Figure C: Format of the entries in the hosts file
That is the basic mapping from IP to domain. Each line represents a single mapping. For example, an internal IP address to a hostname would be made with an entry like this:
192.168.100.21 bodhi-linux
Once the file is saved, the machine at the address 192.168.100.21 can be reached using the name bodhi-linux.
Blocking Adware and/or unwanted sites
This is where the "trick" comes in. Every computer has an address, called the loopback address, that refers to itself. If the loopback address is pinged, the machine being pinged is the machine doing the pinging. Make sense? The IP address of the loopback is always 127.0.0.1 (that is the case in Windows, Linux, and Mac). Using that loopback address, any unwanted domain name can be redirected back to the local machine. A hosts file entry for this would look like:
127.0.0.1 unwanted.domain
Where unwanted.domain is the domain to be blocked. The hosts file matches exact host names only, so unwanted.domain and www.unwanted.domain each need their own entry. So what needs to be done with the hosts file is:
1. Open the hosts file with administrative privileges
2. Add all of the entries you need to block all of the sites you want to block
3. Save the hosts file
4. Reset the hosts file to read-only
There is another issue that can rear its ugly head. When saving the hosts file in Notepad, Notepad is going to want to append the .txt extension to the file. Make sure this doesn't happen by either selecting All Files from the Save as type drop-down, or renaming the file from hosts.txt to hosts from within Explorer.
Say there are sites employees are forbidden to visit (Facebook, eBay, etc.). To make sure the employees are always aware of the policy, you can set up a Web server that all unwanted URLs are directed to. On that Web server you would publish the company policy regarding unwanted Web surfing. To set this up in the hosts file, add a line similar to the one below (assuming the Web server is at address 192.168.100.21):
192.168.100.21 unwanted.domain
Where unwanted.domain is the actual domain to be redirected. Now, when a user goes to unwanted.domain, that user will be automatically directed to 192.168.100.21, which will display the policy. For sites requested over HTTPS, the browser will show a certificate warning instead of the policy page, since the policy server has no valid certificate for unwanted.domain.
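The steps above (open with administrative rights, add entries, save, reset to read-only), scripted as an added example that is not part of the original article. Add-HostsBlock is a made-up function name; -Target defaults to the loopback address and can be set to the policy server instead. It assumes an elevated PowerShell prompt.

```powershell
# Added example. Add-HostsBlock is a made-up name, not a built-in cmdlet.
# -Path defaults to the hosts file location given in the article.
function Add-HostsBlock {
    param(
        [Parameter(Mandatory = $true)][string[]]$Domain,
        [string]$Target = '127.0.0.1',   # or the policy server, e.g. 192.168.100.21
        [string]$Path = "$env:SystemRoot\System32\drivers\etc\hosts"
    )
    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $file.IsReadOnly = $false            # same as unchecking Read-only in Properties
    try {
        # Index every host name that already has an active (uncommented) entry
        $existing = @{}
        foreach ($line in [System.IO.File]::ReadAllLines($file.FullName)) {
            $fields = @(($line -replace '#.*$', '').Trim() -split '\s+' | Where-Object { $_ })
            if ($fields.Count -lt 2) { continue }
            foreach ($name in $fields[1..($fields.Count - 1)]) { $existing[$name] = $fields[0] }
        }
        $new = @()
        foreach ($d in $Domain) {
            if ($existing.ContainsKey($d)) {
                Write-Warning "$d is already mapped to $($existing[$d]); entry left as is"
            } else {
                $new += "$Target`t$d"
                $existing[$d] = $Target
            }
        }
        if ($new.Count -gt 0) {
            # Start on a fresh line if the file does not end with a newline
            $text = [System.IO.File]::ReadAllText($file.FullName)
            $prefix = ''
            if ($text.Length -gt 0 -and -not $text.EndsWith("`n")) { $prefix = "`r`n" }
            [System.IO.File]::AppendAllText($file.FullName, $prefix + ($new -join "`r`n") + "`r`n")
        }
    }
    finally {
        $file.IsReadOnly = $true         # step 4: reset the hosts file to read-only
    }
}

# Block a name and its www variant locally (placeholder names from the article)
Add-HostsBlock -Domain 'unwanted.domain', 'www.unwanted.domain'
```

Because the script writes the file directly, the Notepad .txt extension problem does not arise, and names that already have an entry are reported instead of being added a second time.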
Pre-set hosts file
For those who do not want to go through and add a ton of unwanted adware sites and other malicious sites to the hosts file on every PC in an organization, this file can be downloaded, unzipped, and put in place of the current hosts file on each PC. Once that file is unzipped, make sure to look it over and make any necessary additions before putting it into place.
There are so many ways to block unwanted sites, but it's nice to know the task can be done without having to rely on third-party software. Windows' use of the hosts file makes for a very flexible tool to fine-tune what sites a computer can and cannot access.
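One way to look over a downloaded hosts file before putting it in place, as an added example rather than anything shipped with the article or the download. Get-HostsFinding is a made-up name, the sample lines are constructed, and treating 127.0.0.1 and 0.0.0.0 as the only blocking targets is an assumption. It reports entries that send a name somewhere other than those targets, names mapped to two different addresses, and lines that do not parse.

```powershell
# Added example. Get-HostsFinding is a made-up name, not a built-in cmdlet.
function Get-HostsFinding {
    param(
        [Parameter(Mandatory = $true)][AllowEmptyString()][string[]]$Line,
        # Assumption: only these targets count as "blocking" entries
        [string[]]$BlockTarget = @('127.0.0.1', '0.0.0.0')
    )
    $seen = @{}
    $n = 0
    foreach ($raw in $Line) {
        $n++
        $fields = @(($raw -replace '#.*$', '').Trim() -split '\s+' | Where-Object { $_ })
        if ($fields.Count -eq 0) { continue }        # blank line or comment
        $ip = $null
        $ok = ($fields.Count -ge 2) -and [System.Net.IPAddress]::TryParse($fields[0], [ref]$ip)
        # Round-trip check rejects shorthand such as "127.1" that TryParse accepts
        if (-not $ok -or $ip.ToString() -ne $fields[0]) {
            New-Object PSObject -Property @{ Line = $n; Issue = 'malformed'; Detail = $raw.Trim() }
            continue
        }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            if ($BlockTarget -notcontains $fields[0]) {
                # The name is redirected to another machine, not blocked
                New-Object PSObject -Property @{ Line = $n; Issue = 'redirect'; Detail = "$name -> $($fields[0])" }
            }
            if ($seen.ContainsKey($name) -and $seen[$name] -ne $fields[0]) {
                New-Object PSObject -Property @{ Line = $n; Issue = 'conflict'; Detail = "$name also mapped to $($seen[$name])" }
            }
            if (-not $seen.ContainsKey($name)) { $seen[$name] = $fields[0] }
        }
    }
}

# Constructed sample, not a real block list
$sample = @(
    '# sample hosts file',
    '127.0.0.1       localhost',
    '127.0.0.1       unwanted.domain',
    '192.168.100.21  unwanted.domain    # same name, different target',
    '127.1           ads.unwanted.domain',
    ''
)
Get-HostsFinding -Line $sample | Format-Table Line, Issue, Detail -AutoSize
```

To check a real file, pass its lines with Get-HostsFinding -Line (Get-Content .\hosts). A redirect finding is not always wrong (the policy-server entry above would be reported as one), but every such line in a downloaded file deserves a deliberate decision.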