Bypassing DNS Filters Without a Proxy – HOSTS file

This is “Bess”, the face of the annyoing web filter that was the bane of our middle school web surfing days.

Bess Can't Go There

Since Bess (N2H2 Corp.), there have been scores of other web filters installed by corporations, schools, and oppressive parents everywhere. The first thing to spread through the more tech-savvy kids is the use of a web proxy, usually along with a recommendation of one or two that haven’t been detected by that particular web filter yet. Alas, they eventually catch on, and even the best web proxies end up blocked. Fortunately, a friend of mine had his own web server in high school and hosted his own proxy server on there. Take that, Bess.

Anyway, there are a number of ways to block web content, but I’m only going to focus on one here – DNS Filtering.

Simply put, when you type “www.google.com” into the address bar of your browser, your computer looks up “directions” on how to get to google’s web server (hosted at 74.125.71.147). Your computer contacts other computers, looking for the IP address associated with “google.com”. A DNS Filter will recognize the request for “google.com”, and give it a fake answer – thus bringing up the “This domain is blocked” message.

Enter the HOSTS file

The HOSTS file on a computer can store those directions, so that the computer doesn’t have to ask for them. There’s also the browser cache, which does this on a temporary basis (thus, why the first time you view a website, it takes longer to load than subsequent views). To bypass the DNS Filter, we just have to add in a few lines to the HOSTS file.

*CAUTION – As with anything dealing with computers, you can mess up your computer if you do this wrong. If you don’t feel comfortable doing this, have your FWIGWC (Friend Who Is Good With Computers) do it.

Instructions for Windows 7/Vista

  1. Start Menu > Accessories > Notepad (Right Click, “Run As Administrator”) – You MUST have Administrator priveleges to do this.
  2. File > Open (C:\Windows\System32\drivers\etc\hosts) – This file is hidden and has no extention. Just type “hosts” into the filename and hit Enter.
  3. You should see the following file, give or take:

      # Copyright (c) 1993-2009 Microsoft Corp.
      #
      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
      #
      # This file contains the mappings of IP addresses to host names. Each
      # entry should be kept on an individual line. The IP address should
      # be placed in the first column followed by the corresponding host name.
      # The IP address and the host name should be separated by at least one
      # space.
      #
      # Additionally, comments (such as these) may be inserted on individual
      # lines or following the machine name denoted by a '#' symbol.
      #
      # For example:
      #
      #      102.54.94.97     rhino.acme.com          # source server
      #       38.25.63.10     x.acme.com              # x client host
      # localhost name resolution is handled within DNS itself.
      # 127.0.0.1       localhost
      # ::1             localhost
    

  4. Look up the IP address for the site you are trying to access. You can do this with this tool.
  5. Add the following line to the HOSTS file (don’t use the #) to unblock google.com (sample)
  6. 74.125.71.147 www.google.com – There should be one space between the IP and hostname.

Some sites, like Facebook, utilize an entire array of different domains to host other data (images, scripts, etc). To unblock Facebook, you’ll need to copy this list, and add it to your HOSTS file.

Bypassing DNS Filters Without a Proxy – HOSTS file

Leave a Reply