We had a lecture on DNS today in class and I thought I’d write something about the built-in domain name mapping file present in all of our computers. This file is a very interesting one. You get a lot of uses from it and at the same time it exposes you to a lot of security threats. But before going into all that, here’s something for those who do not know what DNS is.
DNS stands for Domain Name Service or Domain Name Server. As we know every server in the internet is identified by an IP Address. But in order to access the websites running on those servers we usually use something called as an URL (eg. http://www.footyntech.wordpress.com) How does the router find out the ip-address of the server containing the resource addressed by the URL? This is where the DNS comes in. Your computer sends a message containing the domain name to a server called Domain Name Server which contains a database of domain names (eg. google.com, yahoo.com etc) and their corresponding IP Addresses. The DNS responds to your request and sends you the IP address of the requested domain name. This way your computer can know the IP address of any server using the domain name. When ever new domains are created the information is propagated across the internet and all the Domain Name Servers update their database to accommodate the new Domain. If you have tried hosting webpages before, you might have noted that some time is needed for your domain name to get mapped to your webhost’s server. During that time the information about your domain will be propagated to the DNS servers. So this is just a simple abstract explanation of DNS. Actually the system is much more complex but we need not go into that.
the hosts file…
So this hosts file is actually a plain text file that contains a local Domain name mapping table. It contains ip-addresses and corresponding domain names. And this file has a greater priority than the external DNS servers. So when you enter a domain in your browser, first your hosts file is consulted to check if you have a mapping for that domain, if so that specified IP address is accessed, or else you go for the help of external domain name servers. So this is the basic function of your hosts file. Lets take a closer look at the file itself.
Your hosts file will be located in the following directory if you are running Windows.
My apologies to the folks running other operating systems…. But I know some one who knows everything, and that person would be glad to help you find your hosts file. You can find him here.
Now go on and open that file using a text editor (like Notepad in Windows). It should look like this.
Your hosts file may not look exactly like this but every hosts file is structured in the same way. The file itself is self explanatory. You’ve got the ipaddresses in one column and the domain name in the other. And btw, please dont read too much into the domain names given in my hosts file, we will come to that later. And 127.0.0.1 refers to your local computer. Its is called as the loop back address. So if you have any HTTP server running in your computer that server will be accessed if you go to 127.0.0.1. If you dont have a server in your computer then you wont be taken to any webpage.
This is how it works. If you type, say, reg.sorensonmedia.com , you will be taken to your local host (127.0.0.1) rather than the registration host of Sorenson. And ‘#’ character is used to comment out lines in the hosts file. When you install the OS for the first time you wont have any mappings here except for the local host. Now that you know what a hosts file is and how it works, lets see some tricks you can do with it.
playing with the hosts file…
You might have wondered why my hosts files has so many domain mapping. Well, the explanation might get me into a bit of trouble. But still, Im taking all risks! :D just kiddin’. Anyway, we all love to use premium software for free and we have been taught to share stuff from age 2 and we all know “Sharing is Caring”. So when you share software, you need to have a mechanism to fool the vendor and we have many techniques for that. And most of these techniques block any attempts by the software to access the vendor’s server by routing them to the localhost so that they go nowhere and hence the software wont have any way of verifying the genuineness. Since I used Adobe Software shared my acquaintances on the web (hehehe ;) ) I have the adobe entry in my hosts file.
Speaking of blocking, you can use your hosts file to block access to certain websites from your computer. To do this add the domain name to the hosts file and map it to localhost (127.0.0.1) You can also play tricks on your friends using this. You can mess up the DNS by mapping some websites to some other different websites like facebook to google, google to yahoo, etc. To do this fetch the ip address of the hosts. You can do this by running “ping hostname” as a run command (where hostname may be google.com, facebook.com etc) . So now add the IP address into your host file and specify the domain for which the IP address should be used. So to route requests for facebook to google, find google’s ip address and put the following entry in your hosts file
You can drive your friends crazy this way! The hosts file is not all about fun. This can be a serious vulnerability in your computer. For eg. A malware (virus, adware etc) may modify your hosts file and lock it so that your DNS would be totally messed up. Worse, it could route access to email websites and other websites to phishing websites that steal your passwords. The latter technique is called “desktop phishing” . Id love to teach you guyz about it but it would be illegal to do so.
There are certain very nice uses for the hosts file also. Very often we get annoyed by irritating ads in webpages. We can easily block them without having to install Ad Block software (although I use one (adblock for Chrome) and its awesome!) What you have to do is add the ad server to your hosts file and map it to the local host. You might wonder how to find the ad servers. Fear not! There is someone who cares for you! Check this out!
This is a comprehensive hosts file that is updated almost on a daily basis with the latest ad servers, hijack websites and infected websites. You can copy the contents and put them in your hosts file and Voila! You should be ad-free!
Ah! I almost forgot. After you update your hosts file, the changes may not be reflected immediately. To get things working immediately you need to flush your DNS cache. To do this open command prompt and run the following command,
You can also use the Run dialog box to use this command. And also you need to be the administrator of the computer to access and modify the hosts file.
What are you waiting for? Go play with your (or your friend’s ;) ) hosts file!