With the recent rash of security concerns (across all platforms) I was looking into what can be done to route at least some of the nefarious traffic to the bit bucket. So I thought I’d write a brief post about the effort.
Most people are aware that DNS servers change the more user friendly internet addresses like yourbusiness.com to an IP address that computers can work with more effectively (e.g., 192.x.x.x). We can use this process to provide a bit more safety.
There are two simple ways you can try to subvert addresses pointing to bad locations. One is to use a domain name server that knows about bad services and provides a safe place to route the traffic.
IBM recently announced its quad 9 (184.108.40.206) DNS server. The Global Cyber Alliance (GCA) has partnered with IBM and Packet Clearing House to launch this free public DNS service. It intended to block traffic to domains associated with botnets, phishing attacks, and other malicious hosts. They continue to update it as new porly behaving addresses are discovered.
The other technique is to place entries in the hosts file on your machines. The hosts file actually gets a first shot at interpreting address. There are organizations that maintain HOSTs file that you can download, containing known ads servers, banner sites, sites that give tracking cookies, contain web bugs, or infect you with hijackers. Here are web sites for organizations that produce these hosts files:
- hpguru’s HOSTS File: http://www.hosts-file.net/
- The MVPS Host File: http://www.mvps.org.
- Hosts File Project: http://remember.mine.nu/
Life hacker had an article about modifying your local hosts file, that is still valid and may be worth looking at if you’re thinking about adding this level of protection.
This all came to mind over the last few weeks, since Steve Gibson’s Security Now! podcast mentioned some new user tracking software that can be easily thwarted with a few hosts file entries.