Using a HOSTS file to block Internet addresses


The HOSTS file maps IP addresses to host names. That is, it associates an IP address with an Internet address such as www.yahoo.com. Windows checks the HOSTS file before it queries any DNS server, which allows the file to override any addresses in DNS. This blocks access to sites listed in the HOSTS file by redirecting them to a different address. In other words, you can cause any connection to www.yahoo.com to actually connect to an entirely different address, which effectively blocks the connection to www.yahoo.com. You would not want to block Yahoo, of course; this is just an example.

For example, consider the following line in a HOSTS file:

127.0.0.1 ad.doubleclick.net

This line blocks any connection to ad.doubleclick.net by redirecting it to 127.0.0.1 (an IP address that always refers to your own computer). Unless you run a webserver on your PC, the connection to ad.doubleclick.net simply fails, since there is nothing to connect to at 127.0.0.1 (your computer).

This was not the original intention of the hosts file, but it allows you to block sites that serve ads, banners or cookies, sites that violate your privacy, sites that distribute spyware and/or adware applications, or basically any site you want to block, such as a pornographic website that you don’t want your kids to access.

How does this apply to the typical user? You can download lists of Internet addresses that are maintained online and updated periodically, and import those lists into your HOSTS file, acting as a sort of immunization against spyware, adware, viruses, privacy violation, etc.

Why use this method? It is an easy way to block websites which do or could potentially violate your privacy, infect your computer with malicious software, and track your online habits. You can also use software such as Ad-Aware to remove bad applications once they are installed, but it does not prevent you from becoming “infected” with these issues.

You could compare using a hosts file to a flu vaccination. The doctor could give you medications to help you get over the flu, but without a vaccination you can still get it. With a vaccination or immunization you are protected from ever being bothered by the flu (or at least a specific strain of the flu).

There are many applications out there that make claims to do something you need. You’ve seen the popups and advertisements on websites that warn that you are infected or at risk and ask you to download software to fix the problems. In most cases, those applications actually act as a Trojan horse like the one in Homer’s Iliad, pretending to be something nice, but in reality, not.

You don’t have the time to learn which applications are bad, which websites are not safe and what private information a website gathers in the background without your approval. By using a list obtained online, you don’t have to, because someone else does it for you.

Instructions and Information @ MVPS

Free Hosts Files
MVPS List [Download Link] [Website]
Andrew Short’s List [Download List] [Website]
BadHosts [Download List] [Website]
hpHosts [Download List] [Website]

Recommended Links:
Wikipedia HOSTS File Article
Eliminate Web Advertisements
Blocking Ads on the Internet

HOSTS File Management Apps. (free):
HostsMan
HostsXpert

Note: It is possible that a hosts file obtained online may block addresses for parts of sites such as MySpace. You can remove the entry for that website in your hosts file. You can also always revert back to the original hosts file.
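Importing a downloaded list, as described above, means trusting every line in it. The following is an added example, not code from this article or from any of the listed tools: it accepts only entries that point at a local "sink" address, rejects lines that would redirect a name to some other server, and skips sites you have chosen to keep reachable. The sample list, the SINKS set and the function names are assumptions made for the illustration.

```python
import ipaddress

SINKS = {"127.0.0.1", "0.0.0.0"}  # assumption: only these count as a "block"

# Constructed sample of a downloaded list (not taken from any real list).
SAMPLE_LIST = """\
# constructed sample
127.0.0.1 localhost
127.0.0.1 ad.doubleclick.net
0.0.0.0 tracker.example   # trailing comment
203.0.113.10 www.bank.example
127.0.0.1 www.myspace.com
not-a-hosts-line
"""

def parse_blocklist(text, allow=()):
    """Return (hosts_to_block, rejected) for hosts-format text."""
    allow = {h.lower() for h in allow} | {"localhost"}
    accepted, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if not fields:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            rejected.append((lineno, "not an IP address"))
            continue
        if fields[0] not in SINKS:
            # Pointing a name at a real server redirects traffic instead of blocking it.
            rejected.append((lineno, "redirects to " + fields[0]))
            continue
        for name in (n.lower() for n in fields[1:]):
            if name not in allow and name not in accepted:
                accepted.append(name)
    return accepted, rejected

def merge(existing, hosts):
    """Append 127.0.0.1 entries for hosts not already named in the existing file."""
    present = set()
    for raw in existing.splitlines():
        present.update(n.lower() for n in raw.split("#", 1)[0].split()[1:])
    new = [h for h in hosts if h not in present]
    if existing and not existing.endswith("\n"):
        existing += "\n"
    return existing + "".join(f"127.0.0.1 {h}\n" for h in new)

if __name__ == "__main__":
    hosts, bad = parse_blocklist(SAMPLE_LIST, allow=["www.myspace.com"])
    print(merge("127.0.0.1 localhost\n", hosts), bad)
```

Review the rejected lines before importing anything; keep a copy of the original hosts file so you can revert.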

As always, the software and services discussed in this article are free.

Email: How not to get infected


A computer can be infected by malicious software from an email whether using Outlook Express, Outlook, any other email application or webmail (email which you can view online from any location). You need to be aware of the facts so that you do not become infected by a virus or malicious script contained in an email.

The first rule of protecting yourself from malicious software almost always is to patch your system with the latest security patches. These patches remove the vulnerabilities and avenues used to harm your system. If you are using Microsoft Windows, you can obtain these patches from http://updates.microsoft.com. Install all service packs, critical and security updates. These patches not only protect you from email viruses, but also prevent known ways an attacker can compromise your system. In most cases attacks take advantage of vulnerabilities in services (such as those in Windows) that run by default (or have been manually enabled by you or an application) on your system.

The next step is to understand the ways that you can become infected using email, so that you can use prevention methods. One of the most common ways to become infected is by opening attachments infected with some type of virus or script. The simple solution is, don’t open attachments (or any file for that matter) from anyone that you do not trust, although even those you trust can be infected and their email software can be used to send viruses to you or others from a trusted source’s email address (the From: address can be forged entirely). So you may believe that the attachment is from a trusted source, but it is possible the sender does not know the email was sent.

Alternatively, you may also be infected by simply opening an email that contains a macro or script. Your email software may be configured to automatically run macros or scripts contained in emails. To circumvent this, you can set your email software to not automatically run scripts or macros. Emails may also contain HTML code which is normally used to change the font, font size and colors of text in an email. HTML code may also contain malicious code. You can turn HTML off in your email application. Any malicious code in an HTML email is run by opening the email or viewing it in the preview pane.

In some applications, such as Microsoft Outlook, a preview pane is used to see the contents of an email after selecting the email message. This is the same as double-clicking an email to view the contents and you can be infected this way. You can turn off this Preview Pane and only view the contents of emails from those you trust. Pay attention to the subject line and from address. If it looks suspicious, delete it or just don’t open the email or don’t select it so it will not appear in the Preview Pane.

If you are using email from work, most companies have protection in place to scan emails for this type of activity and block them from being sent to you, or sometimes remove the infected or suspicious attachments. Don’t rely on this to protect you. Be suspicious of every email that you receive. Internet service providers also scan emails (or should). You should use anti-virus software that will scan emails as you open or receive them.

Only certain types of files can contain malicious code, but people find new ways to attach malicious code to different types of files on occasion. For example, opening a text document in Notepad won’t infect you with a virus even if you view the actual code itself, because Notepad will not run that code. Be aware of any attachments with the extensions .exe, .com, .bat, .vbs or .doc, for example. Any .exe, .com, or .bat file can contain code that is run by opening the file, and the same applies to a .vbs file, which is a Visual Basic script. A .doc file (a Word document) sometimes contains macros that can cause damage. You can disable automatic execution of macros in Microsoft Word to prevent this and view the document safely.

You probably receive a lot of forwards from friends (usually the subject line is labeled starting with FW: indicating that it is a forwarded message). These emails have made their rounds all over the world and come in contact with thousands of computers. It’s obvious that one of those computers could have placed an infected attachment or script into the email somewhere along the line.

When you look at the From: line of an email, you may see your friend’s email address. Email addresses can be spoofed (faked), so it does not prove that the email is from your friend or another trusted source. Along with that technique, some attackers write enticing subject lines such as “You have won a free cruise!”. The first question you should ask yourself is, did I even register to win a free cruise? Probably not. Don’t open it.

If you use webmail, find out what protections your webmail provider uses. Gmail is a great free webmail service and one of the best, because Gmail is excellent at filtering SPAM. Certain types of features of your email are disabled by default when viewing the email and you have the option to enable that feature while viewing the email if you decide it is safe. This helps to prevent the problems associated with becoming infected simply by opening an email.

What types of email attachments are safe or not safe? Here is a short list of file extensions to give you an idea. A file extension is the second part of a filename such as filename.ext (the letters after the dot in the filename).

Update: I would like to add that when you do open an email, you may notice an area at the bottom that tells you that you can opt out of receiving those emails. I want to stress that you should never ever for any reason reply to an email that you suspect is SPAM or not from a legit source. The reason for this is that when you reply to spam, you are indicating that you are receiving the email and your address will be kept, possibly sold in a list to others, and the spammer may decide to send even more email. The only time you should ever click these is to opt out of email from trusted sources such as Wal-Mart or Barnes and Noble, but I wouldn’t. It is safer to log on to Barnes and Noble’s website, open your account settings and find the option to opt out of receiving email. The best bet is just to never click anything in an email you are not sure that you can trust and close it immediately.

Safe (at this time): .JPG, .GIF, .BMP, Autocad drawings, .MPG, .PDF, .WAV, .WMA, .ZIP (the contents of a .ZIP may be dangerous if you open them after extracting the contents, but the .ZIP file itself is safe).

Use caution: .ASP, .DOC (could contain macros), .HTM, .HTML

Dangerous: .PIF, .EXE, .COM, .BAT, .VBS, .REG, .JS, .SCR, .OCX, .WMF
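The three lists above can be applied mechanically to a message before anything is opened. This is an added example, not code from the article: it judges each attachment by its last extension (so a name like cruise.jpg.exe is treated as .exe) and looks inside .ZIP attachments without extracting them. The function names, the sample message and the choice to treat unlisted extensions as "caution" are assumptions.

```python
import io, os, zipfile
from email.message import EmailMessage

# Lists as given in the article (AutoCAD drawings omitted: no extension is stated).
LISTS = {
    "dangerous": {".pif", ".exe", ".com", ".bat", ".vbs", ".reg", ".js", ".scr", ".ocx", ".wmf"},
    "caution": {".asp", ".doc", ".htm", ".html"},
    "safe": {".jpg", ".gif", ".bmp", ".mpg", ".pdf", ".wav", ".wma", ".zip"},
}
RANK = {"safe": 0, "caution": 1, "dangerous": 2}

def classify_name(filename):
    """Judge a file by its LAST extension; unlisted types count as caution (assumption)."""
    ext = os.path.splitext(filename.strip().rstrip(". ").lower())[1]
    for verdict, exts in LISTS.items():
        if ext in exts:
            return verdict
    return "caution"

def triage(msg):
    """Return {attachment filename: verdict} for an EmailMessage."""
    verdicts = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        verdict = classify_name(name)
        if name.lower().endswith(".zip"):
            try:  # read member names only; nothing is extracted or run
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    inner = [classify_name(n) for n in zf.namelist() if not n.endswith("/")]
            except zipfile.BadZipFile:
                inner = ["caution"]
            verdict = max([verdict] + inner, key=RANK.get)
        verdicts[name] = verdict
    return verdicts

def build_sample():
    """Constructed sample message with three attachments (contents are dummy bytes)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ticket.scr", b"x")
    msg = EmailMessage()
    msg["Subject"] = "FW: You have won a free cruise!"
    msg.set_content("constructed sample body")
    msg.add_attachment(b"x", maintype="image", subtype="jpeg", filename="photo.jpg")
    msg.add_attachment(b"x", maintype="application", subtype="octet-stream", filename="cruise.jpg.exe")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="prize.zip")
    return msg

if __name__ == "__main__":
    print(triage(build_sample()))
```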

Most importantly, use common sense. No protection is or will ever be 100% fool proof.

Recommended Article: Crabby’s Top 10 Spam-Fighting Tips
Recommended Webmail Provider: Gmail

Anti-Spyware and Anti-Virus


You need anti spyware, adware and virus software. Period. Unless of course you don’t use the Internet, but you’re here, so you do.

Your privacy, personal information such as credit card numbers and social security number, the websites that you visited, email and instant message conversations — all up for grabs. If you’re not tech savvy, that information is easy to get. Your identity can be stolen quite easily. The question is, when? You have to protect yourself.

I know that most people will say, “I already use anti-this or that software”. Well, most people have some type of protection, but I would place a bet that one-third of that software on every computer on the Internet is spyware itself. You say, “What?”. Yes, keep reading, it’s for your own good.

Plenty of websites on the Internet advertise and subject you to annoying popups, many of which claim that you are infected with something and “It’s ok, cause we have the solution, just click here.”. Websites do not know that you are infected, nor do those making that claim have the solution. Don’t even say no, just exit the window. It may as well say, “Please infect me with the Ebola virus”.

If you have ever seen these messages you need to check the applications that are installed on your computer. You may need to remove malicious software that you unknowingly installed or were tricked into installing. You should check regardless of whether you think you’re safe right now.

To see what applications are installed, select the Start button on your Taskbar and select Run. Type “appwiz.cpl” and press Enter. The Add or Remove Programs dialog box will appear and list the installed applications on your computer.

Now, you need to see if any of these applications are “rogue applications” (it’s a term that means naughty application). Visit this site and if any of the applications on your computer are listed, uninstall them.

What next? Let’s install some applications that are legit and free. These are free and work great.

Still, remember, just because software is free doesn’t mean it is good. Don’t ever install an application that was not created by and downloaded from a trusted source. If you aren’t sure, ask a professional. Your neighbor or friend is not a professional, so don’t rely on his or her opinion.

Free Legit Anti-Spyware and Anti-Adware:
Lavasoft Ad-Aware [About] [Download]
Spybot Search and Destroy [About] [Download]

Use a search engine such as Google or Yahoo and search for information about software before you use it. You will easily find reviews, forums discussing the software and reputable sites such as CNet with information about a product. You might also stumble on some websites trying to sell a “competing” product that is one of those rogue applications, but use common sense.

If you’re curious how the pay-to-use software ranks up, here are two top ten lists.

Anti-Spyware Software Review 2007
Anti-Virus Software Review 2007

Once you install any anti-spyware or antivirus application, it must be updated regularly or it becomes useless. New malicious software appears every day, so your prevention software needs to be updated with the newest prevention methods to be able to remove the bad stuff and safeguard your computer from getting it in the first place. Once you update the software, perform a scan of your computer to make sure you haven’t been infected lately with newer viruses or spyware. If you decide to buy the software, most require you to pay a subscription fee to receive updates.

You must also keep Microsoft Windows up to date. To do so, visit http://update.microsoft.com/ and download all the security and critical updates.

Software is like Swiss cheese. New security holes appear daily. Update your software. The most important software you can update is your operating system (most likely Windows). Second most important are your anti-spyware and anti-adware applications. Third is your anti-virus application.

Use more than one anti-spyware and anti-adware application. Update and scan with both periodically.

Wireless Encryption Breakable < 1 min.


If you are using wireless in your home or business, ask about what type of encryption is being used. You might say, “It is none of my concern” and you would be wrong. Is your personal information, privacy, bank account information, social security number and your very identity your concern? Of course it is.

104 bit WEP keys are breakable with 50% certainty after obtaining just 40,000 packets in less than one minute. It takes only slightly more time to break 256 bit WEP encryption.

What this means for those of you that have wireless access in your home or business, is that an attacker can determine your wireless access key in minutes if you are using WEP encryption. If you are not sure what type of encryption is being used, you may not be using encryption at all.

One minute. Little more than that is all someone needs to determine your credit card number. Trust me, you will never know it happened until you’re broke.

Essentially, encryption requires anyone that wants to view wireless data to provide a password (or “key”). If you are not using encryption, the data going ‘across your wireless network’ might as well be clear text (and may be). When I say ‘across your wireless network’, what I actually mean is that everything you do is broadcast three hundred and sixty degrees in all directions for hundreds of feet and anyone within range can access that data as if it were a street sign. That is without ever entering your home or property.

If you’re wondering what you should do about it, switch to WPA1 or even better, WPA2 encryption. If your access point or router does not support it, buy one that does or find out how to update the firmware for WPA support.

WEP can still serve the purpose of deterring “accidental” access or annoying neighbors looking to freeload your Internet access, but lax security is no security.

As always, remember to disable SSID broadcasting so your wireless network is not broadcasting its availability, change those default passwords and enable WEP, WPA1 or WPA2.

Related Article: Breaking 104 bit WEP in less than 60 seconds (PDF)


Copyright © 2007 CHRISGROOMS.net. All rights reserved.