Sep 20, 2007

Something Cool about Spybot 1.5

I'll keep this quick, but my professor in school for my security class (who happens to be the same professor for my Capstone class) pointed out something interesting with the new version of Spybot Search and destroy (Version 1.5).

After you download and install all of the updates, and run immunize, check your hosts file. If you don't know where that is, in Windows it is located in C:\windows\system32\drivers\etc. You can open it with notepad or your favorite text editor.

You will notice the Spybot inserts a whole myriad of entries to your hosts file that point to 127.0.0.1. For those that don't know 127.0.0.1 is your loopback address, for the the layman, it is your own computer. That means that if you try to go to one of these bad sites, your computer will first check your hosts file for name to address resolution, see that the address is 127.0.0.1 and you will get a nice "Page cannot be displayed" box, which means, since you cannot go to the blocked page, you cannot get any viruses, trojans, rootkits etc from those sites!

What a simple and ingenious way of doing things! Good work Spybot!



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam