The Hosts File
Before DNS servers were in use, Windows computers used a “Hosts” file to map an IP address to an easy to remember domain name (like itflee.com). This host file still exists, so let’s go take a look at it. Open Windows Explorer and navigate to “C:\Windows\System32\Drivers\etc\”. We are looking for a file called “hosts”.
In order to edit this file, you will need to open a text editor with administrative rights. Click the Windows Button and search for Notepad. Right-click notepad and select Run as administrator.
Next, drag the hosts file into the text editor. You will now see the contents of the hosts file and are free to make changes.
This file is commonly manipulated by hackers to do what is called DNS poisoning. Meaning, they enter a different IP address for a commonly website like facebook.com, but instead of putting FaceBooks IP address they put in the IP address of a malicious website that looks like FaceBook but instead steals user names and passwords or other personal information.
To help you understand how this file works, let’s create an entry called mytestentry and map it to a loopback IP address. A loopback IP address (127.0.0.1) references the computer you are currently logged in to. First, let’s open Command Prompt and attempt to ping mytestentry and see what happens.
Of course, there is no hostname called mytestentry because our DNS server does not have a record of it, and it is not in the hosts file. So now we are going to create an entry for it.
Go back to…
No comments yet. Add the first comment to start the discussion.