RSS
Add to Chrome
Guide: How to Defeat US DNS Censorship (Using Your Hosts File)

Guide: How to Defeat US DNS Censorship (Using Your Hosts File)

We’ve been finding ways of defeating DNS censorship partly because the United States has been suggesting that they will utilize such censorship in the PROTECT IP Act. Today, we’d like to introduce a very effective and powerful way you can defeat DNS censorship – and that is simply using a more obscure method that, again, uses what you already have on a most computers and even on some mobile devices – the Hosts file. We will be demonstrating this on a Windows 7 computer.

If you stuck around different communities with some kind of focus on computers in general, you may have seen the odd conversation here and there that talks about this mysterious file called the hosts file. A hosts file is a file that is located on most standard Windows operating systems.

Why Something Like This Might be Necessary

When you access a website through a typical WWW domain through your browser, the browser will refer to, sort of like a general public version of this file. It’s a list of domains and IP addresses. So, if you type in www.google.com, this public server list will tell your browser, “Ah, you want www.google.com, so you should be directed at the server with the following IP address: 74.125.127.99.”

The browser then actually goes to that server IP address (which is something more understandable to a computer on the internet) and then you end up with seeing the website you’ve been wanting to see.

The problem with this system is that if the government (namely the US government) wants to tamper with the list many users depend on every day. Say, the government or a corporation sees a website they don’t like, then they might be tempted to simply change the IP address of the website’s server in the public list to something else or simply block the domain name altogether. So, if you wanted to type in www.google.com and, for instance, the RIAA decides that they don’t want you to see Google, they can, in theory through the PROTECT IP Act, make it so www.google.com doesn’t point to any website at all and everyone that wants to see www.google.com will simply get something like, “Server not found” errors even though the website is working properly.

What is a Hosts File Then?

A hosts file is sort of like a personal version of this public list. Instead of, for instance, a browser referring to the public version of this list, the hosts file will tell the browser, “Oh, I know where that’s at! You don’t have to worry about that public list!” and point to the proper server IP address (if you are maintaining it properly of course)

The important thing is that you have the power to change this on your own. If the computer in question is the main computer for the internet in a network, then all computers on the network can be affected by the hosts file on that one computer even.

Essentially, if the RIAA has decided to block Google by changing the public list, it won’t matter because your hosts file will be directed to the proper IP address anyway.

Getting Started

The first thing you need is the proper server IP address of a given website. I have already outlined two great ways to obtain them in previous guides. The two methods I highlighted are through command prompt and through web DNS look-up tools. The second method can find multiple server IP addresses which can be more helpful in making sure you have access to the proper website. The first method is subject to the public domain list, but is, for now, a quick way of obtaining the IP addresses. Remember me mentioning saving those IP addresses in a convenient place in those previous guides? A hosts file is a very convenient place to have them, though in a temporary notepad file works well for the moment if you’re following along.

Step 1: Locate the Hosts File

It sounds like a simple enough thing to do. Unfortunately, that is not an easy answer because it depends on the kind of operating system. Fortunately, Wikipedia has a nice entry on where the hosts file is actually located (if at all) on many different kinds of operating systems and mobile devices. So, since we are using a Windows 7 operating system, we can note that Wikipedia tells us that this is in ” %SystemRoot%\system32\drivers\etc\”. In my case, since I didn’t do anything wild to the operating system that would alter the file structure, the hosts file is located in “C:\Windows\System32\drivers\etc” The “%SystemRoot% simply refers to where the operating system is installed on your computer. In my case, this is the window I wound up looking at when I found the hosts file:

Step 2: Open the Hosts File (for viewing)

Naturally, the file we are wanting is simply a file called “hosts”. There is no file extension to this file, so we need to right click on this file and click on “open” (first option in bold) When the window appears that asks you which program you want to open the file in, select “Notepad” (list should be in alphabetical order)

For other operating systems, it’s really the simplest, most bare-bones text editor you need for viewing and editing the hosts file properly (not word processors as that adds other bits of text to the file don’t want in there) What I wound up with when I opened the file was this:

This file contains a lot of self-explanatory information. Just remember that, on a line, if you start that line with a “#” sign, then the operating system will ignore it. This is great for notes for specific websites. If you are using Windows 7 (reportedly, it’s the same story for people using Windows Vista), you can’t edit this file because if you properly save it, you will most likely get an “Access Denied” error that stops you from saving the file. If you are a lucky person that experiences this error, then read the next step. If not and you are able to edit the hosts file unhindered, skip to step 4.

Step 3: Editing the Hosts File

This is where things get a little tricky. We need to be able to open this file under administrator using Notepad. This complicates things for when you want to edit this file, but once you are finally viewing the file under administrator, saving is easy.

First, you need to have left your hosts file for simple viewing open. Next go in to the start menu. In the search bar, type in “notepad” You should see notepad in the programs list:

Next, right click on Notepad and select “run as administrator”

At this point, Windows will show a dialogue box asking you if you want to allow Notepad to make changes to your computer. Allow it to do so because you need to edit something here!

You should have two notepad windows open now – the original hosts file and an untitled notepad file. Click on the notepad window of your original hosts file anywhere in the actual text. Now, hold down “Ctrl” on your keyboard and hit “A” on your keyboard. This will select all of the text. Now, hold “Ctrl” on your keyboard and hit “C” on your keyboard. This will copy the contents of the file. Now, click on the text area of the “untitled” notepad file. When you see a curser in the text area of the new notepad file, hold down “Ctrl” on your keyboard and press “V”. This should paste everything from the hosts file to the new untitled text file. Close the hosts notepad window.

Now, in the untitled notepad window, click on “File”, then click on “Save as…” In the new window, browse to where you found your hosts file. Now, next to the “Save as type” line, click on the small down arrow and select “All Files *.*” In the area where the files should appear, click on “hosts” and then hit the “Save” button. These are highlighted below:

Excellent, you are now able to edit your hosts file!

Step 4: Test the Hosts File

We want to make sure we can actually make things happen with this file and show ourselves that what we do to this file can make a change in how we access the internet. Think of a domain you (and no one else who uses the computer) wouldn’t normally use. For me, this is yahoo.com. So, just for fun, I want to make Yahoo simply direct to Google.

So, for this, I simply follow Microsoft’s example in the file and type in the IP address of Google. Then, I add a few spaces and type in yahoo.com like so:

After you save the changes, open up a new tab and type in the domain you chose to redirect to Google. You should be directed to Google in your browser. Now, since this is a silly change, we should just delete this line in the hosts file and save those changes (repeat steps 2 and 3 if you have to in the event the notepad window closed)

When we tested this, it took a minute for FireFox to no longer use the Google IP address when attempting to access it. For me, I ended up closing the affected tab, opening internet explorer and typing in the Yahoo domain and the changes finally took place (not sure why)

Congratulations, you now have control of your hosts file!

Step 5: Use Your Hosts File

So, now that we know for sure our hosts file can affect how we access the internet, we want to make useful changes in an effort to defeat actual DNS censorship. Let’s say a corporate organization doesn’t want you to view a website known as NewzBin2. Well, after using our DNS lookup web tool guide, we are able to determine three IP addresses NewzBin2 uses right now: 85.112.165.71, 85.112.165.87, and 85.112.165.73.

Now, this uses three IP addresses. This is great since if one server is down, we can switch IP addresses in our hosts file. Before we go further, make sure word wrap is disabled (format, word wrap – make sure there is no check mark) So, for ease of use, I type in everything like so, commenting out the second and third IP address:

If, later on, one IP address stops working, we can add a line below that entry, insert a ‘#’ symbol and type in “Failed IP addresses: (insert non-working IP addresses)” and paste over the first IP address with an alternative IP address.

It doesn’t really matter how exactly you approach this maintenance business so long as it’s consistent, working and understandable to you. If you want to add in another entry for another site, add two spaces and add in another entry.

If a website stops working all of a sudden, first, try a website checker like downforeveryoneorjustme to make sure it’s just the website that’s down and not you. Wait a little while if it’s just you, but if you feel that the IP address is the problem, then change it in your hosts file.

That should be it! Hosts file – the power is yours!

Final Thoughts

This method does modify how your system operates, so use this wisely. Don’t go modifying other files in the system unless you know exactly what you are doing or else your system could experience adverse performance issues.

This guide was made possible with the assistance of ZeroPaid member Aaron_Walkhouse. You can view our conversation via the forums (feel free to participate there or on the comment section here) Thank you Aaron for your help!

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at [email protected].

Drew Wilson
Drew Wilson is perhaps one of the more well-known file-sharing and technology news writers around. A journalist in the field since 2005, his work has had semi-regular appearances on social news websites and even occasional appearances on major news outlets as well. Drew founded freezenet.ca and still contributes to ZeroPaid. Twitter | Google Plus
j
j

Someone needs to make a decentralized p2p dns resource. If possible.

Microsoft ordered to remove host file
Microsoft ordered to remove host file

In related news Microsoft(TM) ordered to remove host file for the "PROTECT IP" Act. In addition to any end user IP related software. Anyone found operating a personal DNS Server or circumventing the now only legal DNS server operated by the US government will be arrested as a copyright pirate and criminal with 15 years in prison. All IP address are now copyright the MIPPA and will have to be leased at a charge of $1.99 per minute of use from the MIPPA.Open source linux programmers now put on the most wanted list as they vowed to keep the IP free. They are now offering black market / back ally deals for IP DNS servers.Live From The Onion News

Drew Wilson
Drew Wilson

That's actually something that some security experts are freaking out over about all of this. Not because there's going to be a lack of control over something like that, but because it fragments the internet in general. Sadly, I think organizations like the MPAA have no problem breaking the internet. The problem is - it's to the MPAA's detriment too (though I doubt they'll even come close to understanding this until it's way too late)IMO, creating a whole new public DNS server is an option of last resort.

Chilly8
Chilly8

What the Onion talked about would never work anyway. All someone would have to do is use an offshore VPN. Becuase VPNs are used by business for secure remote access to their netowrks, the government is not about to outlaw them, lest they want to raise the ire of big business and risk not being re-elected when their terms are up.



VyprVPN Personal VPN lets you browse securely