• root
• thoughts
• git
• about

Safer browsing with the hosts file

The hosts file is a file called by the system every DNS access attempt, or let's make it simpler, every time you connect to an internet website.

The process is simple : when you type and address, www.google.com for example, what does the system do to find which IP this domain name is linked with ? At first, it tries to find the information locally, in the hosts file, and if it doesn't find any answer, then it asks the provider's DNS server. Into this hosts file, an IP address is attributed to a given domain name, for example :

173.194.34.2 google.com

No visible change here since it's actually the correct Google's server IP address that we're linking to the name google.com. The DNS server would give us the same.

But if we did :

127.0.0.1 google.com

Then google.com (not www.google.com, be careful), would redirect us to this address which is our localhost (local loop back), and to a timeout page unless you got a http server running.

At this point, you can easily imagine what we can do : redirect the undesirable sites to where we want, or just block 'em. An example : you want to block Facebook on your family computer ? Add these two lines to hosts :

127.0.0.1 facebook.com
127.0.0.1 www.facebook.com

Where is the hosts file ?

I'll be less exhaustive than article wikipédia. Under Windows (NT, so 2k/XP/Va/7/8) : *C:\Windows\system32\drivers\etc\hosts Under OS X (formerly Mac OS X) and under UNIX/Linux generally speaking : /etc/hosts You need administrator rights in order to edit the file ; on Windows it shouldn't bother you, on UNIX a sudo nano /etc/hosts if you're not logged as root or as an admin.

Security concern with the hosts

So you can block websites, then why not to block undesirable ones ? By undesirable i mean gore/porn, spyware and malware hosting sites, but also act as an ad blocker (I wouldn't say it replaces the eponym browser extension but complete it). Several hosts files editors offers them for download, I personally use a customised version of http://someonewhocares.org/hosts, in 0.0.0.0 version instead 127.0.0.1 (faster, no timeout because 0 means no address). You can find other ones regulary updated at hosts-file.net and mvps.org.