Tuesday, April 28, 2009

Tip Tuesday - Protect Your Computer, And Your Family

There are two ways I personally use to protect my machines. You can use either one, or both.

1. USING A HOSTS FILE


When using the Internet most people connect to web sites, ftp servers or other Internet servers by connecting to a domain name, as in www.ahmadism.com. Internet applications, though, do not communicate via domain names, but rather by using IP addresses such as 192.168.1.1. Therefore when you type a domain name in your browser it must first find the corresponding IP address that it will use to connect to.

The way these domain names (hostnames) are resolved to their mapped IP address is called Domain Name Resolution. On almost all operating systems whether they be Apple, Linux, Unix, Netware, or Windows the majority of resolutions from domain names to IP addresses are done through DNS lookup.

What is DNS

DNS stands for Domain Name System and is the standard domain name resolution service used on the Internet. Whenever a device connects to another device on the Internet it needs to connect to it via the IP address of the remote device. In order to get that IP address, DNS is used to resolve that domain name to its mapped IP address. This is done by the device querying its configured DNS Servers and asking that server what the IP address is for that particular domain name. The DNS server will then query other servers on the Internet that know the correct information for that domain name, and then return to the device the IP address. The device will then open a connection directly to the IP address and perform the desired operation.

For more information on DNS, please see this.

Enter the Hosts File

There is another way to resolve domain names without using the Domain Name System, and that is by using one's very own HOSTS file. Almost every operating system that communicates via TCP/IP, has a file called the HOSTS file. This file allows you to create mappings between domain names and IP addresses.

The HOSTS file is a text file, usually without an extension, that contains IP addresses separated by at least once space and then a domain name, with each entry on its own line. For example, imagine that we wanted to make it so that if you typed in www.google.com, instead of going to Google we would go to www.yahoo.com. In order to do this you would need to find out one of the IP addresses of Yahoo and map www.google.com to that IP address.

One of the IP addresses for Yahoo is 216.109.118.69. If we wanted to map Google to that IP address we would add an entry into our HOSTS file as follows:

216.109.118.69 www.google.com

NOTE: When inputting entries in the hosts file there must be at least one space between the IP address and the domain name. You should not use any web notations such as \, /, or http://. You can disable a specific entry by putting a # sign in front of it, in essence commenting the line out.


somethingBlank


You may be wondering why this would work as we said previously that when you need to resolve a domain name to an IP address the device will use its configured DNS servers. Normally this is true, but on most operating system the default configuration is that any mappings contained in the Hosts file overrides any information that would be retrieved from a DNS server. In fact, if there is a mapping for a domain name in a hosts file, then your computer will not even bother querying the DNS servers that are authoritative for that domain, but instead read the IP address directly from the HOSTS file. It is also important to note that when you add entries to your HOSTS file they automatically start working. There is no need to reboot or enter another command to start using the entries in the HOSTS file.

You can find where the HOSTS file is located at in your system here.

Why would I want to use a HOSTS file

There are a variety reasons as to why you would want to use a HOSTS file but I want to point out the main one, in my opinion, so you can see the versatility of the little file called the HOSTS file.

Block Spyware/Ad Networks - By adding large lists of known ad network and Spyware sites into your hosts file and mapping the domain names to the 127.0.0.1, which is an IP address that always points back to your own machine, you will block these sites from being able to be reached. This has two benefits; one being that it can make your browsing speed up as you no longer have to wait while you download ads from ad network sites and because your browsing will be more secure as you will not be able to reach known malicious sites.

NOTE: It is important to note that there have been complaints of system slowdowns when using a large hosts file. This is usually fixed by turning off and disabling the DNS Client in your Services control panel under Administrative Tools. The DNS client caches previous DNS requests in memory to supposedly speed this process up, but it also reads the entire HOSTS file into that cache as well which can cause a slowdown. This service is unnecessary and can be disabled.

There are HOST files that are already made that you can download, which contain a large list of known ads servers, banner sites, sites that give tracking cookies, contain viruses, or infect you with hijackers. Listed below are web sites that produce these types of hosts files for your use (free):

hpguru's HOSTS File can be found here: http://www.hosts-file.net/

The MVPS Host File can be found at: http://www.mvps.org.

Hosts File Project can be found here : http://remember.mine.nu/

If you choose to download these files, please backup your original by renaming it to hosts.orig and saving the downloaded HOSTS file in its place. Using a HOSTS file such as these is highly recommended to protect your computer.

As you can see the HOSTS file is a powerful tool if you understand how to use it. You should now know how to use the HOSTS file to manipulate Domain Name Resolution to suit your needs. It is also important that you use its ability to block malicious programs as discussed above to make your computing environment more secure.

2. USING OPENDNS


OpenDNS provides free DNS server addresses which you enter on your home router or within your computer's network settings. The service caches the billions of DNS requests made by its users into a giant database on a distributed network, which turbocharges surfing for everyone who uses it. Not only that, but it protects the entire network (if used at the router level) from several categories and levels; which cover phishing sites, pornography, tasteless material, etc. It even corrects Web-address typos for you.

In short, OpenDNS works by caching a key phase of Web-page requests (namely, DNS requests) from its thousands of users, so that the site you want is blasted to you in a fraction of a second. It also offers you several categories to chose from, as well as give you the option to manually add domain names.

The categories function saves you from entering domain names as you would have with a HOSTS file, making it easy to control only one file for your entire network versus several HOSTS files residing on every machine you want protected. It's also a whole lot easier to rely on a maintained list of sites/categories versus updating the HOSTS file with new entires.

With openDNS, you can even create shortcuts to replace certain URLs, and pop up custom warning messages for the blocked content and categories you have chosen. OpenDNS was amongst the few that protected against the Confiker worm.

The How-To Geek's got a screen-by-screen look at what you can do, for free, to keep your net stream relatively clean. It's very easy to follow and implement. Simply put, the service is absolutely awesome. I've personally been using it for free for a long while now.

To be honest, I use both the HOSTS file method and openDNS. But I've definitely not kept up with updating the HOSTS file, making openDNS the superior choice here. It's hard to beat the service when it's free, central and fits well into my whole access from anywhere approach.

I recommend these solutions to all families, especially ones with children, but also to all religious institutions like Mosques, Churches, etc. I'd even recommend it to all non-profit & commercial companies to help protect their network and prevent some of the crap out there on the web.

Please don't hesitate to let me know should you have any questions via the comments or by sending me an email to theahmadism [squigly thing] G mail [dot] c o m

1 comment:

VENKAT said...

From the above article i read what is DNS,DNR,Ip-Address & it's important also.Recently i found the Ip-address details on the site named www.ip-details.com.It is very fast to get the informations..Cost free also..