Make hosts file in windows read-only

Recommended Videos

How to edit read only host file in NotePad - Windows 10
How to edit read only host file in NotePad - Windows 10
Edit Hosts File in Windows 7
Edit Hosts File in Windows 7
How to Modify the Hosts File in Windows 10
How to Modify the Hosts File in Windows 10
How to edit hosts file from cmd.exe - edit hosts file
How to edit hosts file from cmd.exe - edit hosts file
How to Get Missing Host File On Your Windows Computer
How to Get Missing Host File On Your Windows Computer

Make hosts file in C:\windows\system32\drivers\etc of your system/PC read-only. This will ensure that hackers cannot easily write into the hosts file and lead you to the unknown web. Browsing the internet from a PC, is not always very safe and secure, even if you have the best of antivirus and antispyware softwares installed.Are you wondering why? Read on…

Hackers are always smart and they are mostly good at whatever they do.When we hear/read about hacking, it is mostly the OS exploits that we come across.But when it comes to phishing scams,they are often through emails as detailed here.The links in those phishing emails are often spammy, and one must be very alert, as on clicking them you would be taken to a webpage that is very similar to you paypal home or your bank account’s home page. Apart from phishing mails, there are yet more simple and powerful hacking techniques to exploit certain OS settings in your PC.Explained below is one such technique to spoof some real websites,the primary intention being to steal your valuable personal information.

All that the hackers need to gain entry to your PC is for you to download and install a little software, or you to execute an ActiveX control, or some other innovative (Yes successful hackers are always innovative 🙁 ) way to fool you.

Once you oblige them by carrying out their desired action, their program/software runs to place a simple entry in your HOSTS file.

What is a HOSTS file?

It is a file that contains mapping of IP addresses to host names.

What does the HOSTS file look like?

A typical HOSTS file should look like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost

But a modified hosts file(after the attack) might look like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
420.420.420.111 www.google.com
420.420.420.111 www.yahoo.com

What does the modified HOSTS file mean?

When you launch your web browser and type in www.yahoo.com, you are redirected to a webpage at 420.420.420.111, but you never know that it is a different server, where you had landed. Note: I have used an imaginary IP address as an example here. Same with your google account. You get sent to a duplicate google page setup at a server with IP 420.420.420.111, without you realizing it. The hacker can use this technique to set up a fake web site and take you there.More importantly, in this technique, even the title in the address bar would say http://www.yahoo.com or http://www.google.com, since as far as the browser is concerned, you are at Yahoo’s home or google’s homepage. You can try this technique for yourself by modifying your PC’s host file.
This is where you get into trouble with innovative hackers.If they wanted to rip off your bank’s login credentials, they could do it easily, since the address(URL) would still appear as if it were your bank’s and you would try logging in as you normally do, and you wouldn’t be able to login. But you would have entered your username and password and that is what the hackers needed! By the time you realized what had happened, you would be broke!

How can we stop this type of attack?

None of your Anti-Virus/Anti-Spyware software, would be able to help you in these circumstances.The sure way to prevent HOSTS file abuse is to mark it “read-only”.

Now go locate your HOSTS file in C:\windows\system32\drivers\etc –> right-click on it –> and mark it “read-only”.Does this article help you? I know that you are now busy modifying your hosts file accessibility settings… 🙂

Related Videos

How to edit read only host file in NotePad - Windows 10
How to edit read only host file in NotePad - Windows 10
Edit Hosts File in Windows 7
Edit Hosts File in Windows 7
How to Modify the Hosts File in Windows 10
How to Modify the Hosts File in Windows 10
How to Get Missing Host File On Your Windows Computer
How to Get Missing Host File On Your Windows Computer
Creating windows hosts file shortcut to open with notepad as administrator
Creating windows hosts file shortcut to open with notepad as administrator
One comment on “Make hosts file in windows read-only
  1. Nice tutorial on protecting host files. Bookmarked.

    Nirmal’s last blog post..Windows XP SP3 Available through Windows Update

Leave a Reply

Your email address will not be published. Required fields are marked *

*