The Hosts File Approach
Finally and separately, let me try to dissuade you from using the Hosts file to control site accesses:

The Hosts file is an archaic part of networking setups that was originally meant to be used on a LAN; it tells a PC the fixed numeric address of the internal server(s)--the LAN Host(s)--so the PC doesn't have to go looking for them through all possible addresses. It can save time when "discovering" a LAN.

But the Hosts file can be used for other purposes, too. For example, some less-than-stellar Internet speed-up software tries to shave a few fractions of a second off an Internet connection by placing the numeric address of external Web sites in the Hosts file so a Web browser won't have to look up the addresses externally. This works--as long as the site's numeric IP address never changes.

But IP addresses do change--and they're supposed to be able to. The Web operates via "dynamic" naming, where a human-friendly name (e.g., "informationweek.com") is actually an alias for the real address, which is numeric (in this example, 66.77.24.10). The numeric address can and will change from time to time as a site or server is moved or reconfigured.

People with out-of-date addresses hardwired into their hosts file will no longer be able to connect to any site whose numeric address has changed--the hosts entry will permanently point them to a dead location!

In fact, the hosts file is sometimes abused this way by hijacking software that writes a new, fake hosts file onto a system, substituting a bad numeric address (such as a porn site) for common locations such as Microsoft.com, Yahoo.com, Google.com, and so on: When a user tries to access any of the sites in the fake host file, they're redirected to the new site, such as the porn page.

Some "security" software tries to hijack the Hosts file in a benign way; and users can do it on their own as well: You use the Hosts file to associate a known-safe, numeric address with the names of sites you want to block. When the user or any process on the PC then tries to access a blocked site, it is instead directed to the safe location.

This works, but runs into the same problem as mentioned previously: A Hosts file is static, and the Web is extremely dynamic. It's almost impossible to update a Hosts file frequently enough to guard against all threats; and even if you did, you'd probably also run into problems in accidentally blocking good sites that happened to move to new numeric addresses.

There's lots more information on Hosts file abuse here, but I don't recommend its use for anything other than the original, and now archaic, purpose for which it was intended. Anything else is a misuse of the Hosts files, and runs a high risk of causing unnecessary service calls in the future when the user can't connect to some valid site they want to get to.

Instead, use the free and low-cost tools mentioned earlier, even if it means fighting a guerilla war with the bean counters or other licensing authorities in your workplace. There are many forms of licensing, all completely valid. Any organization that's cutting itself off from GPL and other totally legitimate forms of licensed freeware is seriously hurting its own business!

What's your take on freeware? Do you use it on your own PCs? On your business machines? Is it explicitly allowed or disallowed by your business? Have you run into closed minds and corporate biases against GPL, open-source, and other forms of freeware? How have you made the case for the use of software with nonstandard licensing? Join in the discussion!

To discuss this column with other readers, please visit Fred Langa's forum on the Listening Post.

To find out more about Fred Langa, please visit his page on the Listening Post.