Forum
[ New messages · Members · Forum rules · Search · RSS ]
Page 1 of 11
Forum moderator: Iznogoud 
Forum » News » Tips & Tricks » Modify the Windows HOSTS file block the app that "call home"
Modify the Windows HOSTS file block the app that "call home"
FreddyfreDate: Friday, 29-04-2016, 11:29:09 | Message # 1
Supreme Leader
Group: Administrator
Messages: 298
Status: Online
When you type in the web browser, the address of an Internet site or when the operating system or any installed application trying to connect to a "mnemonic" address like www.google.it or update.microsoft.com, is resorted to the DNS server.
The DNS server (you can use the one provided by your ISP or use, for example, those of Google, OpenDNS and so on ...) deals with "solving" the domain name that is to establish the correspondence between the address " mnemonic "and the IP of the machine (server) that responds to connection requests in the case of the indicated site.

What is the HOSTS file

The HOSTS file is a text file present in all operating systems (including those used by mobile devices) that allows you to manually assign an address mnemonic (such www.google.it) to a specific IP address.
Changes made to the HOSTS file are taken into account not only by all the installed web browsers but also from the operating system and each application.

This means that by inserting in the file HOSTS an IP address followed by a mnemonic address, will turn his machine, for the name in the specified domain, in a sort of DNS servers.
All connection requests addressed to the domain listed, it will no longer direct the original IP, but will map to the IP manually specified in the HOSTS file.

Modify the HOSTS file in Windows

If the identity and purpose of use of HOSTS files are the same regardless of the operating system used, each platform preserves the file to a different location.
In the case of Windows, the HOSTS file is stored in the% windir% \ System32 \ drivers \ etc.

To modify the HOSTS file you must open it with an application started using administrator rights.

The procedure to modify the HOSTS file in Windows is simple:

- Start Notepad, TextPad or Notepad ++ with Administrator rights. To proceed quickly, simply click the Windows 7 Start button and type, for example, Notepad in the Search programs and files.
In Windows 8.1 simply type Notepad in the Search box of the charm bar while in Windows 10 in the box immediately to the right of the Start button.
You will then need to click the right mouse button on Notepad and select Run as administrator.

In the dialog box that appears by pressing the File menu, open the text editor (be it the Windows Notepad or TextPad or Notepad ++), in the File Name box, you will have to type the following and then click the Open button :

%windir%\System32\drivers\etc\HOSTS

At this point, you may modify the HOSTS file, however, keeping in mind that some security software (including Windows Defender), they block that restoring files the original copy in the event of any changes.
Before you modify the HOSTS file, therefore, the recommendation is to temporarily disable the security software running on the system.

Prefixing the IP then specifying the mnemonic address, you can make sure that the specified domain name, limited to your system, so it resolved as specified in the HOSTS file.
To temporarily cancel the effect of the addition of one or more lines in the HOSTS file, just add, as the first character, the pound sign (#). In this way, the line with the hash mark as the first character will be treated as a comment.

For each of the addresses specified mnemonic you can specify a remote IP addresses as well as 127.0.0.1 or 0.0.0.0.

Difference between 127.0.0.1 and 0.0.0.0 addresses

The IP address 127.0.0.1 is called the loopback address and all operating systems refers to the interface of "dummy" network (loopback interface) that responds to connection requests on the same system.
Also called localhost, the IP 127.0.0.1 responds to connection requests on the same machine even if there are no network adapters "physical."
Try typing in the Windows command prompt, ping 127.0.0.1: you will still receive answer.

You think you've installed a database server on a particular machine. To applications that need to tap the content of the database stored on the local server it will be enough to provide the IP 127.0.0.1. In this way, the connection will be directly and locally, without passing through the Internet or the LAN.
It is thus possible to operate (for example to test mo') a web server and a web application that accesses, for example, to a local database without even having to be connected to the Internet.

If it were on the local machine running a web server, you can even to point a domain to any web server running locally adding in the HOSTS file, for example, the following:

127.0.0.1 www.nomedeldominio.org

If, conversely, the local system no server component was installed, all requests, for example, to www.nomedeldominio.org domain, would fall "into the void."

That's why to block all attempts to direct access to a web site, you can add 127.0.0.1 followed by the mnemonic of the site to be blocked in the HOSTS file.
To make even more "powerful block", you can replace the IP address of 0.0.0.0 127.0.0.1 loopback.
While, in fact, requests for access to the IP 127.0.0.1 is directed to the fictitious loopback interface, in the case of the IP 0.0.0.0 all requests fall on deaf ears, regardless of whether it was or was not on the local machine running a server component.
The IP 0.0.0.0 is a meta-address "non routable" that can be used to invalidate any mnemonic address.
That's why, for example, in the HOSTS file presented in the article Windows 10 and privacy: turn off the telemetry, you are used instead of IP address 0.0.0.0 127.0.0.1.

Try for example, to add the following two lines to the HOSTS file:

0.0.0.0 www.facebook.com
0.0.0.0 facebook.com

The Mark Zuckerberg's social network will no longer be visited by any browser installed on the machine.



In the area of ​​the IP server 0.0.0.0 means "all IP addresses on the same machine." If your system has two network interfaces, one respondent to the IP 192.168.1.100 and the other IP 10.1.2.10, a place to listen on the IP 0.0.0.0 server is reachable using both IP.

Prevent app "call home"

The HOSTS file can be used to block communications app to remote server.
0.0.0.0 adding to the HOSTS file, followed by the mnemonic to be locked, all attempts to connect the application to the indicated domain will not be successful.

Credits info: Nasi M.


When technology puts passion... SoftDay

by Freddy
 
FreddyfreDate: Friday, 29-04-2016, 12:13:03 | Message # 2
Supreme Leader
Group: Administrator
Messages: 298
Status: Online
Aternative method

Open Notepad and copy this:

Code
attrib -r %WINDIR%\system32\drivers\etc\hosts

SET NEWLINE=^& echo.

FIND /C /I "license.avira.com" %WINDIR%\system32\drivers\etc\hosts
IF %ERRORLEVEL% NEQ 0 ECHO ^0.0.0.0                     >>%WINDIR%\system32\drivers\etc\hosts

attrib +r %WINDIR%\system32\drivers\etc\hosts


Enter address to block see for example Avira License Block Hosts:



Save with a name .bat

Run as administrator

Enjoy! by Freddy


When technology puts passion... SoftDay

by Freddy
 
Forum » News » Tips & Tricks » Modify the Windows HOSTS file block the app that "call home"
Page 1 of 11
Search: