Blocking Unwanted Parasites with a Hosts File

This page is based on www.mvps.org/winhelp2002/hosts.htm by Mike Burgess (but it explains the issue better). 

A very simple way to block some ads and malicious or pornographic web sites is with the HOSTS file, which is part of TCP/IP a set of rules and protocols that computers use to communicate. In the old days when TCP/IP was developed (before the Internet) the number of computers connected in a network was small. We now refer to this as a LAN, a Local Area Network to differentiate from larger networks. There was a computer nerd in charge of the networking (now much of this runs automatically) who manually configured each computer on the network. Part of this configuration was the HOSTS file. 

The word "host" in this context means a computer on a network. Every computer that uses TCP/IP to communicate is assigned a number, called an IP address. People don't want to refer to computers by a long string of numbers, so they are also given names. The Hosts file was in charge of translating between the name of a computer and its number. The TCP/IP software actually used the numbers (IP addresses) while us humans used the names. The hosts file consists of many entries, each entry is the name of a computer and its IP address. In the old days, computer networking nerds edited these files by hand. 

Nowadays, the translation between a computer name and its IP address is done automatically using the DNS system. However, the TCP/IP software still looks for a hosts file, just like in the old days. On modern Windows computers, the hosts file consists of just a single dummy entry that looks like this 
         127.0.0.1  localhost
The details of exactly what this dummy entry does, are not relevant to this discussion. 

The HOSTS file, that you can see here plain text format  (149 kb) is a large file with many entries for "bad" (my term) web sites. Most of the "bad" web sites serve up ads, some serve up assorted malware. A small sample follows: 
  127.0.0.1 ads.inet1.com
  127.0.0.1 banners.inetfast.com
  127.0.0.1 ads.infi.net
  127.0.0.1 ads.infospace.com

The basic idea is to use this Hosts file instead of the default one (with just a single dummy entry) and your web surfing will be faster (not as many ads) and safer. 

To swap Hosts files, you rename the existing one on your computer (in case you want to go back to it later) and place this Hosts file in the same official directory. The official directory used by Windows for the Hosts file varies. 

• For Windows XP  C:\WINDOWS\SYSTEM32\DRIVERS\ETC 
• For Windows 2000  C:\WINNT\SYSTEM32\DRIVERS\ETC 
• For Windows 98\ME   C:\WINDOWS 

The web site says that the HOSTS file must be in capital letters. This was not my experience under Windows 2000. Still, in this MS KB article How to Use a HOSTS File to Test a Site that Uses Host Headers on an Intranet it specifically says the HOSTS file should be upper case. On my Windows 2000 computer however, the existing HOSTS file was in lower case. Conflicting signals from Microsoft. Not the first time. Mike Burgess was nice enough to respond to an email and he warned that testing he and others did has found that the HOSTS file may still function in lower case, but there were several cases where it either became
corrupted or failed to function properly. 

The web page also suggests making the HOSTS file read-only to provide protection from some malware programs that modify it for bad reasons and it goes into some detail on the format of the HOSTS file in case you want to directly update it yourself. 

Should anything go wrong, all you need to do is rename a couple files and restore your original HOSTS file. There is no software to install/uninstall and no need to reboot.  

Problems: 

• I like to visit www.myway.com but could not using the HOSTS file from March 8, 2004. It had about 7 myway.com addresses blocked. Even after unblocking all of them, normal images don't appear on the myway.com web site because they come from another blocked site 
• Under Windows 2000 SP4, this has sometimes caused the computer to slow down as program SERVICES.EXE uses all the available cpu horsepower. At first the slowdown was while editing the HOSTS file, something I no longer do directly. Another time it happened after enabling the LAN connection through which a computer gets online via a router. Due a problem, the LAN connection was disabled and re-enabled. The computer slowed down for a minute or so just after the re-enabling. 
• A short while later, I started my email program and the computer slowed down again, and again, the culprit was program SERVICES.EXE. 
• Not long afterwards, services.exe looped again out of the blue, while I was editing a document. It continued to hang up the computer every now and then. 
• While services.exe was using 99% of the cpu, Task Manager refused to either cancel the program or lower its dispatching priority.
• I shut down my network connection and restored the original hosts file. 

In fairness, this will never be a perfect ad/parasite blocking scheme, but it helps and at very little cost. 

For more see What is the Hosts file?

If you really want to get into this subject in detail, here are some links courtesy of  www.smartin-designs.com 

• http://www.accs-net.com/hosts/
• http://accs-net.com/hostess/
• http://pgl.yoyo.org/adservers/
• http://lists.gpick.com/pages/Hosts_File.htm
• http://www.everythingisnt.com/hosts.html
• http://someonewhocares.org/hosts/  seems quite thorough