The hosts file is a computer file used by an operating system to map hostnames to IP addresses. This method is one of several methods used by an operating system to locate network nodes on a computer network. On many operating systems, the host file content is used preferentially over other methods, such as the Domain Name System (DNS). Unlike DNS, the hosts file is under the control of the local computer's administrator.[1]
The hosts file is a plain-text file and is traditionally named hosts, and is most often located at the path /etc/hosts on Unix-like systems such as Linux.
Contents |
History
The ARPANET, the predecessor to the Internet, had no distributed host name database, such as the modern Domain Name System for retrieving a host's network node address by using the host's name. Each network node maintained its own map of the network nodes that it needed to know about and assigned them names that were memorable to the user. There was no method for ensuring that all references to a given node on a network were using the same name, nor was there a way to read some other system's hosts file to automatically obtain their copy.
The small size of the ARPANET made the use of hosts files practical. Network nodes typically had one address and could have potentially many names. As individual TCP/IP computer networks gained popularity, however, the maintenance of the hosts file became a larger burden on system administrators as networks and network nodes were being added to the system with increasing frequency.
Standardization efforts, such as the format specification of the file HOSTS.TXT in RFC 952, and distribution protocols, e.g., the Hostname Server described in RFC 953, helped with these problems, but the centralized and monolithic nature of host files eventually necessitated the creation of the distributed Domain Name System.
Location and content
The location of the hosts file in the file system hierarchy of operating systems varies.[2]
| Operating System | Version(s) | Location |
|---|---|---|
| Windows | 95, 98, Me | %WinDir%\ |
| Windows | NT, 2000, XP, 2003, Vista, 7 | %SystemRoot%\system32\drivers\etc\† by default.‡ |
| Macintosh | 9 and earlier | System Folder: Preferences or System folder |
| Mac OS X, iPhoneOS | /private/etc/hosts |
|
| Linux, BSD, etc | /etc/hosts[3] |
|
| Novell NetWare | SYS:etc\hosts |
|
| OS/2 & eComStation | "bootdrive":\mptn\etc\ |
|
| Symbian | Symbian OS 6.1-9.0 | C:\system\data\hosts |
| Symbian | Symbian OS 9.1+ | C:\private\10000882\hosts (AllFiles capable only) |
† Users of 64-bit versions of Windows Server 2003, Server 2008, and Vista (but not Windows 7) cannot access the HOSTS file with a 32-bit editor.[4]
‡ Actual location defined in Registry key \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath.
The hosts file consists of lines consisting of an IP address and one or more hostnames, separated by white space. Comment lines in the hosts file start with the hash character (#). Blank lines are ignored.
The default hosts file contents typically includes a line for the localhost definition.[5]
Other uses
In its function of resolving host names, the hosts file may be used to define any domain name for use in the local system. This may be used either beneficially or maliciously for various effects.
Redirecting local domains
A useful and time-saving tip for website programmers, intranet developers, and IT managers is to enable non-standard TLDs on a LAN for various purposes, such as the domain LOCAL to access the company's intranet or to test websites in development.
Internet resources blocking
People also use Hosts files as a way to block online advertising (ads), or known malicious or criminal domains and servers which may contain spyware, adware, and other malware. They do so by adding entries for those sites that redirect their requests to another address (which is the dead-end destination). Often, the local (loopback) address 127.0.0.1 is used for such purposes, but is proved to be a poor choice because:
- Some programs will run services on the loopback address
- If you are running a webserver on your machine, you will receive unexpected hits from the browser which may hinder your server development and maintenance. Besides the server may react unpredictably if a different server is running on port 80.
- Some programs which have to deal with local and remote traffic may act strange or report errors (eg ICSI Netalyzr, NoScript) when external requests are redirected to the local address
- It tries to connect to the dead-end destination which wastes a bit of unnecessary time.
A more suitable choice is to use a truly invalid address, for example 0.0.0.0 or 255.0.0.0, as they are automatically invalid as a TCP endpoint. Apart from the above benefits these truly invalid addresses also employ the same speed benefits too since communication is immediately dropped for a truly invalid address such as:
0.0.0.0 badsite.com
The free utility Spybot - Search & Destroy, for example, includes a feature called "Immunize" that populates the hosts file with thousands of URLs of such websites redirected to 127.0.0.1 (localhost) to block them.
Security issues
Because of its central role in local host resolution, the hosts file represents an attack vector for malicious software. The file can be hijacked, for example, by adware, computer viruses, trojan horse software, and may be modified to redirect traffic from an intended destination to sites hosting content that may be offensive or intrusive to the user or the user’s computer system.[6] The widespread worm Mydoom.B blocked users from visiting sites regarding computer security and antivirus software and also affected users' ability to access the Windows Update website. Administrators can set the file permissions of the hosts file to read-only as a means to help defend against malicious redirects caused by malicious software editing the hosts file when casual users without permissions use the computer.
See also
References
- ^ "Cisco Networking Academy Program: First-Year Companion Guide", page 676 (2nd Edition). Cisco Systems, Inc., 2002, ISBN 1-58713-025-4.
- ^ http://wiki.lunarsoft.net/wiki/Blocking_Malware_and_Advertisements_Safely
- ^ "Linux Network Administrators Guide - Writing hosts and networks files". http://linux.about.com/od/lna_guide/a/gdelna46.htm. Retrieved March 9, 2009.
- ^ "A 32-bit application cannot access the System32 folder on a computer that is running a 64-bit version of Windows Server 2003". http://support.microsoft.com/kb/942589.
- ^ "Microsoft Support Document 258495 - Troubleshooting Client Connectivity". http://support.microsoft.com/kb/258495.
- ^ "Remove Trojan.Qhosts – Symantec". http://www.symantec.com/security_response/writeup.jsp?docid=2003-100116-5901-99&tabid=1. Retrieved January 13, 2009.
External links
This entry is from Wikipedia, the leading user-contributed encyclopedia. It may not have been reviewed by professional editors (see full disclaimer)
