Power User: Speed up remote Net access and slow down attackers

John McCormick

If you work in a field office that's networked only through the Internet, and if recent attacks have made you a bit nervous about reaching your mission-critical Web sites, store the site names in a local DNS translation table.

A domain name server is simply a database that matches up a Web address, such as www.gcn.com, with the underlying numeric IP address.

Beginning with Microsoft Windows 98, every Windows operating system has had a local Hosts file. To learn about your local DNS, look in Windows\system32\drivers\ETC for a text file called Hosts. It probably contains some documentation and the entry localhost, which always has the IP address 127.0.0.1.

You can add to this text file using Windows Notepad, or just type Edit Hosts in the command line to make a local lookup table independent of a remote DNS. That can greatly speed up your access over slow dial-up connections or during denial-of-service attacks.

One useful trick involving the Hosts file is to enter site names you do not want to be accessed and give them a dummy IP address such as 127.0.0.1. Because the browser checks the local Hosts file before consulting a nonlocal DNS, and because it stops looking once it finds a matching name, you can effectively block user access to gambling, porn or other forbidden sites by redirecting them to localhost.

With Windows XP and some other operating systems, however, this gets quite complex. An explanation of which settings to alter would take far too much space, and a mistake could cause your Internet connection to fail, so the use of Hosts under XP should be left to someone who understands DNS.

Both Windows XP Professional and Windows 2000 provide good details about what and who is connected to your PC. This is the first step to discover whether someone has been snooping around.

From Start, go to Run and type CMD. Now run a utility called Netstat with these switches:
  • Netstat -a displays all connections and listening ports.

  • Netstat -e displays Ethernet statistics; also try -e-s.

  • Netstat -n displays numeric values.

  • Netstat -p displays connections under a specified protocol.

  • Netstat -r displays a routing table.

  • Netstat -s displays statistics for each protocol.

  • Netstat -s 5 will keep scanning at specified intervals'in this example, every 5 seconds.

  • Ipconfig /all is a shortcut to your system configuration, including addresses of your primary and secondary DNS servers.

John McCormick is a free-lance writer and computer consultant. E-mail him at powerusr@yahoo.com.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above