The Wall of Cookies
Back in June 2008, I invited a friend of mine to an Iron Maiden concert here in Montreal. Since he lives in Nova Scotia, this meant that he’d be staying at my place for a few days. Over the years I’ve known him, it was very clear to me that he really enjoyed cookies… so I thought I should be equipped for his arrival:
The cabinet was almost completely full – each package you see in the photo had another identical one right behind it. Needless to say, we didn’t finish all the cookies – I had to give them away to friends and family.
Blocking Websites with the Windows Hosts File
Sometimes I decide that I never want to re-visit a particular website ever again, and I want a way to block it indefinitely. Normally, I just learned to ignore a website simply out of self-discipline. Lately, I decided I wanted something more secure. After all, even with self-discpline, I could still accidentally visit said site from a link found on another unblocked site. I figured out a good solution: the Windows hosts file.
Windows features a special file simply called “hosts”, without an extension. This file allows users to map hostnames to IP addresses. More importantly, however, is that when Windows tries to locate nodes on any given network, it will take the hosts file into consideration. It will actually consider the hosts file prior to querying DNS server, and any mappings found within will override those in the DNS. This effectively allows us to write custom redirections that affect the entire system – this was the key to blocking the website. To demonstrate how I used this to my advantage, here’s what the default HOSTS file looks like in Windows 7:
#def Copyright (c) 1993-2009 Microsoft Corp.# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
If I wanted to permanently block:
- kanyewest.com
- kanyeuniversecity.com
I would add the following entries to the file, in bold:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
127.0.0.1 kanyeuniversecity.com
127.0.0.1 www.kanyeuniversecity.com
127.0.0.1 kanyewest.com
127.0.0.1 www.kanyewest.com
By doing this, I’m telling Windows that whenever it encounters one of those domains, it should immediately resolve them to the IP 127.0.0.1, rather than querying the DNS server for the IP. The IP 127.0.0.1 is a special “loopback” IP – it pretty much points to whatever machine you are currently using. That’s how these domains are blocked – Windows will actually be told to use 127.0.0.1, which will definitely not work (since the local machine is not a web server, and is not configured to serve such content). This exact technique is used by Spybot Search & Destroy‘s Immunize feature – so when you open your HOSTS file, you might already see a bunch of entries blocked.
Notice, also, how I added two entries per website I want to block – one with “www.”, and one without it. I considered this necessary because of the following: from the point of view of a DNS server, “www.websitenamehere.com” and “websitenamehere.com” are two completely different domains; however, in most cases, on the Internet, they tend to be configured to point to the same IP address, so we rarely see instances where they behave differently. Still, since they are different at the DNS level, both possibilities needed to be added to HOSTS file.
Ultimately, once configured, the end result is this: whenever you try to access a blocked site, you’ll get this type of error:
Error seen when attempting to visit a site that has been blocked via the Windows hosts file. This example showcases Firefox, but keep in mind that the block is system-wide. Other browsers will react similarly.
There you have it – a way to block websites in Windows, and a browser-independent one at that. As for the procedure for editing the HOSTS file, it differs depending on which version of Windows you are using. For Windows Vista and Windows 7, click here. For Windows XP and older versions of windows, click here. These links will simply trigger appropriate Google searches, as I don’t have articles that cover these steps yet.
Powerful Mail
A friend recently sent me a package – I couldn’t help but laugh when I saw it:
I wasn’t home when this package arrived, and that meant the mailman had to leave note informing me that a package for “Refghi Power” would be waiting for me at the local post office. When I went to get it, I tried to contemplate how I would prove that I am “Refghi Power”, as all my IDs claim I’m “Matt Refghi”. Also, keep in mind that mostly everyone around here speaks French. Thankfully, the guy at the post office laughed and said he got it.