Blocking malware at the operating system level

In recent months I’ve been recommending that everyone run Adblock Plus with the malware domains subscription, to get extra protection beyond what your antivirus/antispyware suite can give. Given a choice between detecting and blocking bad stuff, or not downloading it at all, it’s much better to not download it at all.

There are some downsides to this. Adblock Plus uses a fair bit of memory. It’s tolerable on my desktop PC with 2 GB of RAM, but less so on my netbook with 1 GB of RAM. And if you have to use a browser that doesn’t have a compatible version of Adblock Plus available, you’re unprotected.

The solution is to block at the operating system level, using the hosts file.

Here’s a script that does it, with instructions.
http://www.ericphelps.com/scripting/samples/Hosts/index.htm

But I know of one malware site list that his script doesn’t use: http://www.malwaredomainlist.com/hostslist/hosts.txt. Luckily, it’s not hard at all to add that. Open the file in Notepad or another text editor, go to line 21 and add the following on a new line:
& ” http://www.malwaredomainlist.com/hostslist/hosts.txt” _

Follow the author’s instructions for turning off the DNS client service if you run Windows 2000 or newer, then run the script to generate a mega-hosts file that will keep your PC from acknowledging the existence of the known bad guys. I’ve said it before, but it’s worth repeating: Detecting and blocking malware is fine, but it’s much better–faster and safer is better, right?–to not even download the stuff in the first place.

The script explicitly works with Windows 98, NT, 2000, XP, and Vista. There’s no reason why it won’t work with Windows 7, and it might even work with Windows 95 (no guarantees though).

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux