How To Walk Through a Landmine Without Getting Blown Up
For over 10 years, every single computer I’ve used at work or home has been protected by something we Internet geeks refer to as the Ad Blocking Hosts File.
You see, I was an early adopter of anti-virus software; and back then (say late 90s) anti-virus software was a cure that was worse than the disease. It was too bloated and too heavy and too intrusive for my taste. So I booted it out of my computer and haven’t looked back since.
I should add that I consider myself very much an explorer of these here Interwebs. I’m willing to venture into unknown territories, click on things that don’t look too kosher and even get burned on occasion. It comes with the territory.
While some prefer the sheltered existence of an AOL user, I was trolling the worst Internet neighborhoods in search of …something.
But I Isn’t Stupid
While danger was lurking around every click, I did make sure I was reasonably protected using two very low-tech methods that were effective then as they are effective now. And here they are.
First, I would make sure I browse the Internet using a non-admin/root account. To put it another way, I would use a regular user-level account.
When Admin/Root executes commands, those commands inherit the Admin/Root privileges. And if that command/click happens to be a virus, malware or a zombie, that nastiness will have full run of your system.
Conversely, if I click on that same virus, malware or a zombie while logged in as a user, the command will fail because an ordinary user doesn’t have the necessary level of privilege to install anything on the system.
And The Second Thing?
The second thing was the Ad Blocking Hosts File.
The Hosts file is used to resolve names on the Internet. At least that was its original purpose. Think of it as a little black book.
Here is how it breaks down.
When humans need to resolve someone’s name/number, the first thing we might do to retrieve that person’s info is check our memory. If the memory fails you, you best hope you have their name/number written down somewhere. The little black book perhaps?
If their name/number is not in your memory or your little black book, you might have to call 411 (or whatever number you dial in your country to get an operator online to look up numbers.)
Computers Are People Too
When a computer needs to resolve a name/number (for example: diyblogger.net/ 126.96.36.199), the first thing it does is it checks its memory.
As in, have I resolved this name/number recently and if yes, then I have it in my memory (RAM) so there’s no need to go any further. I remember the number.
However, if the name/number wasn’t resolved recently, then the very next thing a computer will check is its Hosts file. That little black book of important numbers.
If the name is not in the little black book, the computer, the same way a person would, will contact its 411.
The central database for storing computer names/numbers is known as DNS (Domain Name Service.)
By and large, most computers, most of the time, will use DNS to resolve domain names like diyblogger.net.
For most computers, the old little black book will be dusty and neglected.
But not on my computers.
All my computers have THOUSANDS of statically generated entries inside the Hosts file. Why?
Since the order of name resolution is memory -> Hosts file -> DNS, I can intercept the name resolution of bad neighborhoods (ad sites, known spammers, known malware carriers, etc.) and cause the name resolution to fail.
Let me reiterate that.
In the olden days, the Hosts file was used to resolve Internet names. Nowadays, we are using it to prevent the name resolution of bad locales online.
It works because the Hosts file is checked before DNS. It’s only fair. The Hosts file predates DNS, ergo, it gets checked first.
So when you land on a site with A TON of ads, every one of those ads is served up by a known ad server. The Hosts file will have a fake number (127.0.0.1 aka localloop) corresponding to the ad server’s name. Ergo, the name resolution of that ad WILL FAIL because localloop is not hosting the ad and the ad will never be displayed. NICE!
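Here is the memory -> Hosts file -> DNS order from above as a small Python sketch. This is an added example, not code from the original post: the `.example` names, the sample Hosts text and the `fake_dns` table are constructed, and the function names are made up for illustration.

```python
# Constructed sample Hosts file; the .example names are placeholders.
SAMPLE_HOSTS = """\
# constructed sample Hosts file
127.0.0.1   localhost
127.0.0.1   ads.example  tracker.example   # two names on one line
"""

LOOPBACK = "127.0.0.1"  # the "fake number" the article points ad servers at


def parse_hosts(text):
    """Return {name: address}; this sketch keeps the first entry for a name."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        address, *names = line.split()
        for name in names:
            table.setdefault(name.lower(), address)
    return table


def resolve(name, cache, hosts, dns):
    """Follow the article's order: memory -> Hosts file -> DNS."""
    name = name.lower()
    if name in cache:
        return cache[name], "memory"
    if name in hosts:
        cache[name] = hosts[name]  # remembered, so DNS is never asked
        return hosts[name], "hosts"
    address = dns.get(name)  # stand-in for a real DNS query
    if address is not None:
        cache[name] = address
    return address, "dns"


def is_blocked(name, hosts):
    """True when the Hosts file pins a non-local name to the loopback address."""
    name = name.lower()
    return name != "localhost" and hosts.get(name) == LOOPBACK


if __name__ == "__main__":
    hosts = parse_hosts(SAMPLE_HOSTS)
    fake_dns = {"ads.example": "203.0.113.7", "blog.example": "198.51.100.20"}
    cache = {}
    for host in ("blog.example", "ads.example", "ads.example"):
        print(host, resolve(host, cache, hosts, fake_dns), is_blocked(host, hosts))
```

Even though `fake_dns` knows a real address for `ads.example`, the lookup stops at the Hosts file and returns 127.0.0.1, which is the whole trick.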
Here is what a site might look like without a tricked-out Hosts file:
Here is what the same site looks like on a computer with a tricked-out Hosts file:
If you are to explore greener and seedier online pastures, you best protect yourself with an Ad Blocking Hosts File. How?