Protect Your PC by Blocking Malicious Sites

The Windows IP address manager can be your friend, enabling you to create a wall between your machine and the black hats.
(Page 1 of 2)

When I built my first Network Environment antivirus software it was a good idea, but still largely optional. In fact, at the time we only had one PC that was actually on the Internet. It seems that as my career progressed, so did the threats. In my first large network, we were installing antivirus software on all our PC’s. This was followed by antivirus software for our Servers and a version especially for our Exchange Server.

In time, I became an IT Director we had to add antispyware tools to the repertoire. Lo and behold today we install Internet Security software to protect against viruses, spyware, rootkits and spam – not to mention giving users intrusion protection, firewall, parental controls, data theft and email safety scan.

Rumor has it that soon these packages will start your car, check for dangerous fumes and scan all mail for “weapon-ized” bio-chemicals.

I know I am being a bit over the top but it makes the point. We are adding more and more tools to combat against the growing tide of threats. The truth is, even with all this security we are still vulnerable.

There is no “silver bullet,” I recall running an antispyware scan on a user’s machine that found and cleaned 856 different threats. After a restart, I ran a scan with another spyware program. This one found 445 other threats (yes, they were different – I checked the log reports).

No doubt, I could have installed three other scanners and got three more varying results.

Therefore, what can we do? How do we keep ahead of the storm? One answer is to pull your systems off the Internet. Of course that’s the equivalent to selling everything and moving into a cave – not a viable business strategy.

So, what alternative is there?

Reinforcements have arrived

The answer lies in a somewhat older technology called Windows hosts files. The hosts file uses entries to resolve domain names to IP addresses just like DNS. DNS takes the name of a host such as “rare-tech.net” and converts it to the IP Address (207.46.222.11) of the host.

However, the hosts file takes precedence over the DNS mappings. Moreover, unlike DNS, which is controlled from the server, the host’s file is on the individual PC and is controlled by the local machine.

Overriding DNS is not a bad thing since adware servers are often listed in DNS servers. The idea of converting IP addresses into understandable naming conventions is terrific. However, machines have now way of knowing that the IP Address that it is converting to a name is actually an ad server or some other sort of rogue system.

An easy way of handling this is to edit the host’s file to send the request for these sites to the IP address 127.0.0.1, which is the local host. Since the system will continue to translate the address as a local host, it will just send it into an endless loop. This of course provides no ill effects to your PC.


Page 1 of 2

 
1 2
Next Page



Tags: Windows, security, server, software, servers


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.