How To Walk Through a Landmine Without Getting Blown Up

For over 10 years, every single computer I’ve used at work or home has been protected by something we Internet geeks refer to as the Ad Blocking Hosts File.

You see, I was an early adopted of anti-virus software; and back then (say late 90s) anti-virus software was a cure that was worse than the disease. It was too bloated and too heavy and too intrusive for my taste. So I booted it out of my computer and haven’t looked back since.

Anti-AOL User

I should add that I consider myself very much an explorer of these here Interwebs. I’m willing to venture into unknown territories, click on things that don’t look too kosher and even get burned on occasion. It comes with the territory.

While some prefer the sheltered existence of an AOL user, I was trolling the worst Internet neighborhoods in search of …something.

But I Isn’t Stupid

While danger was lurking around every click, I did make sure I was reasonably protected using two very low-tech methods that were effective then as they are effective now. And here they are.

First, I would make sure I browse the Internet using a non-admin/root account. To put it another way, I would use a regular user-lever account.

When Admin/Root executes commands those commands inherit the Admin/Root privileges. And if that command/click happens to be a virus, malware or a zombie, that nastiness will have full run of your system.

Conversely, if I click on that same virus, malware or a zombie while logged in as a user, the command will fail because an ordinary user doesn’t have the necessary level of privilege to install anything on the system.

And The Second Thing?

The second thing was the Ad Blocking Hosts File.

Hosts file is used to resolve names on the Internet. At least that was it’s original purpose. Think of it as a little black book.

Here is how it breaks down.

When humans need to resolve someone’s name/number, the first thing we might do to retrieve that person’s info is check our memory.  If the memory fails you, you best hope you have their name/number written down somewhere. The little black book perhaps? :-)

If their name/number is not in your memory or your little black book, you might have to call 411 (or whatever number you dial in your country to get an operator online to look up numbers.)

Computers Are People Too

When a computer needs to resolve a name/number (for example: diyblogger.net/ 74.125.226.114), the first thing it does is it checks its memory.

As in, have I resolved this name/number recently and if yes, then I have it in my memory (RAM) so there’s no need to go any further. I remember the number.

However, if the name/number wasn’t resolved recently, then the very next thing a computer will check is its’ Hosts file. That little black book of important numbers.

If the name is not in the little black book, the computer –the same way a person would- will contact it’s 411.

The central database for storing computer names/numbers is known as DNS (Domain Name Service.)

By and large, most computers, most of the time will use DNS to resolve a domain names like diyblogger.net

For most computers, the old little black book will be dusty and neglected.

But not on my computers.

All my computers have THOUSANDS of statically generated entries inside the Hosts file.  Why?

Since the order of name resolution is memory->Hosts file-> DNS, I can intercept the name resolution of bad neighborhoods (ad sites, known spammers, known malware carriers, etc) and cause the name resolution to fail.

Let me reiterate that.

In the olden days, Hosts file was used to resolve Internet names. Nowdays, we are using it to prevent the name resolution of bad locales online.

The reason it works is because Hosts file is checked before DNS.  It’s only fair. Hosts file predates DNS, er go, it gets checked first.

So when you land on a site with A TON of ads, every one of those ads is served up by a known ad server. The Hosts file will have a fake number (127.0.0.1 aka localloop) corresponding to the ad server’s name. Er go, the name resolution of that ad WILL FAIL because localloop is not hosting the ad and the ad will never be displayed. NICE!

Here is what a site might look like without a tricked-out Hosts file:

Note the abundance of ads as well as a pop-up.

Here is what the same site looks like on a computer with a tricked-out Hosts file:

Now that’s what I call clean.

My point?

If you are to explore greener and seedier online pastures, you best protect yourself with an Ad Blocking Hosts File. How?

Windows Instructions:

Mac Instructions:


Dino Dogan

Global Force for Badassery | Founder of Triberr | Refugee from Bosnia | Writer for Technorati | Speaker | Lousy Martial Artist | Pretty good singer/songwriter | Hi :-)

More Posts - Website - Twitter - Facebook - Google Plus

  • http://live-your-love.com/ Brankica U

    Dino, I so needed this hosts file tutorial. I try to avoid shady sites but sometimes I really need to see the greener stuff over there.

    How do you do that thing from the first tip. You log on to your computer as a user and then surf the net?

    • http://diyblogger.net/about Dino Dogan

      Glad this was timely for you :-) and yes. You simply log in as an ordinary, low-level user. Whenever something needs to install, a password prompt will pop-up alerting you to the install, at which point its up to you to make a wise choice :-)

      • http://live-your-love.com/ Brankica U

        Well, thanks a lot. Do I look like someone that can make a wise choice?

        P.S. Is the pic in the post from back home? :*

        • http://diyblogger.net/about Dino Dogan

          haha…Figures you’d make that connections :- but no..just something I found online

  • http://twitter.com/StartYourNovel Start Your Novel

    Dino, you’re one of the hardest-working bloggers I know.

    • http://diyblogger.net/about Dino Dogan

      haha thank you :-)

  • Adrienne

    Dang Dino, that’s really cool! I LOVE learning new things all the time and this tip is just awesome! You are one smart cookie my friend. I’m going to go and do the hosts file right after I finish this comment. Thank you SO much for that tip and I’ll be sure to come back and visit more often. You always provide such wonderful information.

    Have an awesome day!

    Adrienne

    • http://diyblogger.net/about Dino Dogan

      You’ll be glad to know that this post is part of a longer series on how to take greater advantage from the online world. I’m noticing that many people are really sheltered and have no idea just how much can be had out there. Si this is the first step in protecting yourself…there will be more awesome stuff coming for sure :-)

  • http://twitter.com/ryanfortin Ryan Fortin

    I love it! Only a master of the interwebs would know about such a thing like the hosts file. I used to use it to test out my websites before making them live but this is pure genius!

    • http://diyblogger.net/about Dino Dogan

      haha…master of the Interwebs lol Love it!

  • http://twitter.com/WilsonPetDesign Nia

    WOW! Valuable information, too bad I just found out :-(

    • http://diyblogger.net/about Dino Dogan

      lol…Its never too late :-) Unless you’ve decided to stop using the Interwebs? Just as well…computers are a fad anyways :-p

  • http://twitter.com/janetcallaway Janet Callaway

    Dino, aloha. Thx for the great info. While it will take me a while to digest what you said, I certainly recognize its value. Rereading your post and implementing your advice are on my “to do” list for later this week. Aloha. Janet

    • http://diyblogger.net/about Dino Dogan

      Excellent. You should have everything you need in this point, but if you get stuck, Im always here to help :-)

  • http://www.realityburst.com Eugene

    Dino. GREAT stuff! I’m definitely going to play around with the Hosts file.

    I can’t believe the whole browsing under a non-admin account never crossed my mind. So simple. But then again the best solutions always are.

    Speaking of browsing in public and embarrassment…

    I once decided to look for new basketball shoes at the Ohio State business school computer lab (you can imagine how busy that was). And instead of typing in DicksSportingsGoods.com I just typed in Dicks.com without even thinking twice.

    Not exactly what I was looking for…

    And if you’re at Starbucks I suggest you don’t go there. In fact, I’d suggest you don’t go there even if you’re not at Starbucks.

    …Hosts file would have come in handy then.

    • http://www.realityburst.com Eugene

      Woops…didn’t think that one through. Didn’t mean to include any actual links.

      At least it looks like if anyone ever visited that site at this point they wouldn’t experience the same problem I did.

    • http://diyblogger.net/about Dino Dogan

      LMAO….at least you weren’t looking to spin any meat lol (see meatspin dot com, or better yet, dont lol)

      • http://www.realityburst.com Eugene

        haha. i know all about it. i’ve been tricked into going down that path before…

  • http://elevationlife.com Bryan Thompson

    Hey Dino, not going to lie…a little over my pay grade, my friend. lol. But I was savvy enough back in the day to learn to block ad pop-ups and to sign in as a regular user to accounts… I did get a few viruses all the same back on the ol’ PC. XP was the worst! :)

    • http://diyblogger.net/about Dino Dogan

      This is some under the hood stuff…I’ll grant you. But re-read the post and try it a few times…you will LOVE IT…I promise :-)

  • http://www.itinerantentrepreneur.com/journal/ Robert Dempsey

    Hot damn Dino! Implemented this as soon as I could, and it’s ninja badassery at it’s finest. Now I can finally surf all those sites without the ads. Thank God for you man!

  • http://madhatter.ca The Mad Hatter

    I just stopped running Windows. No Windows, no problems.

    You realize that without Windows, Geek Squad would go out of business?

  • Pingback: How To Download and Test ANY Premium Wordpress Theme For FREE

  • Pingback: Exploring the Unexplored Content Distribution Channels