Hosts file

From Wikipedia, the free encyclopedia

The hosts file is a computer file used to store information on where to find a node on a computer network. This file maps hostnames to IP addresses. The hosts file is used as a supplement to (or instead of) the domain name system on networks of varying sizes. Unlike DNS, the hosts file is under the control of the local computer's administrator.

Contents 1 History 2 Location and default content 2.1 Default content on Windows operating systems 3 Other uses for the hosts file 3.1 Blocking 3.2 Redirecting 3.2.1 Malicious use of redirection 4 See also 5 References and footnotes 6 External links 6.1 Custom hosts files 6.2 Applications to Manage Hosts Files

[edit] History

The ARPANET (predecessor to the Internet) had no domain name system for giving network nodes their own addresses. Because there was no centralized system for this purpose, each network node contained its own “map” of the network nodes that it needed to know about, and assigned them names that were memorable to the user. There was no system for ensuring that all systems on a network were called the same thing, nor was there a way to read some other user’s hosts file to automatically obtain their copy.

The small size of the ARPANET permitted hosts files to be used with some convenience for some time. Network nodes typically had one address, and could have potentially many names. As individual TCP/IP computer networks started becoming popular, however, the hosts file became a large burden on system administrators — networks and network nodes were being added all the time — making maintenance of the hosts file a task which grew significantly.

[edit] Location and default content

The hosts file is located in different locations in different operating systems and even in different Windows versions: [1]

• Windows NT/2000/XP/2003/Vista: %SystemRoot%\system32\drivers\etc\ is the default location, which may be changed. The actual directory is determined by the Registry key \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath.
• Windows 95/98/Me: %WinDir%\
• Linux and other Unix-like operating systems: /etc
• Mac OS 9 and earlier: System Folder: Preferences or System folder (format of the file may vary from Windows and Linux counterparts)
• Mac OS X and BSD based operating systems (including iPhone OS): /etc/hosts
• OS/2 and eComStation: "bootdrive":\mptn\etc\
• Symbian 1st/2nd edition phones: C:\system\data\hosts
• Symbian 3rd edition phones: C:\private\10000882\hosts, only accessible with file browsers with AllFiles capability, most are not. [2]

[edit] Default content on Windows operating systems

In Windows, the default hosts file is often blank or it contains (inactive) comment lines followed by IPv4 or IPv6 localhost entries.

127.0.0.1       localhost
::1             localhost

An example can be found at http://vlaurie.com/computers2/Articles/hosts.htm.

[edit] Other uses for the hosts file

[edit] Blocking

The hosts file has alternate uses, including filtering online advertising (ads) by having entries for known ad servers redirect to machines without the advertising on them or more typically by redirecting references to ad servers to the local address 127.0.0.1. This can save network bandwidth, as well, by eliminating a request to the DNS server normally used for obtaining address information and not downloading the advertisements. The user's experience may be further enhanced by running a minimal web server locally that only returns a blank page for every request [3]. In this way the ads from the web pages literally disappear without error. However, if the hosts file is to be used for this purpose, it must be kept up to date with lists of Internet servers known to host such content. On Windows machines, the "DNS Client" service may need to be stopped in order for changes to the hosts file to have effect.

Blocking ads in this way can result in quicker browser operation and performance improvement for several reasons. The first reason is that rather than the browser having to contact a DNS server in order to resolve multiple IP addresses, it quickly parses a small text file (the HOSTS file) located locally on a computer. Second, when the HOSTS file returns an invalid or local IP address (for example 0.0.0.0) it is not able to load the requested ad which saves time and bandwidth. For example, adding an entry to the HOSTS file such as "0.0.0.0 www.doubleclick.net" would mean that requests for ads from the ad company DoubleClick would be forwarded to an invalid IP address (0.0.0.0) and never be loaded. It is quicker to load nothing rather than download an ad image from the Internet.

The free utility Spybot - Search & Destroy includes a feature "Immunize" which populates the hosts file with thousands of URL's of adware and malware redirected to 127.0.0.1.

This phenomenon is discussed in more detail on the well-known podcast "Security Now" with Steve Gibson available at http://www.grc.com/securitynow.htm under episode #45 - The Hosts File.

Another solution is to block browser requests for the ads in the first place. This can be done through browser based plugins such as NoScript and Adblock for Firefox. Another solution would be to block the ad addresses via a proxy or firewall.

Another use of the host file is to block known dubious or criminal domains and servers (with spyware and other malware). This has the same risks as hosts blocking ads, but generally requires fewer addresses in the hosts file and therefore would have a smaller impact on the system.

[edit] Redirecting

A useful and time-saving tip for web site programmers, intranet developers and IT managers is to enable non-standard TLDs on a LAN such as example.local (for accessing Example Company's Intranet) or sample.new (for a new version of the Sample.com website during testing).

192.168.1.100       example.local
127.0.0.1           sample.new

[edit] Malicious use of redirection

The hosts file can also be "hijacked," or used for malicious purposes. For example, adware, computer viruses, trojan horses, or other malware can edit the hosts file to redirect traffic from a "safe" site (such as Google or Wikipedia) to sites hosting content that may be offensive or intrusive to the user or the user’s computer system. For example, a trojan (Qhosts) redirected traffic from search engines such as Google and AltaVista to a site specified by the author of the trojan horse [4]. Mydoom.B (a malware program) blocked users from visiting sites regarding computer security and antivirus software, and also affected users ability to access the Windows Update web site.

[edit] See also

• Adblock
• ARPANET
• Computer virus
• DNS
• resolv.conf
• Malware
• Spyware
• TCP/IP
• Trojan horse (computing)
• Unix-like
• Windows

[edit] References and footnotes

[edit] External links

• Why Should You Wait for Internet Propagation? – An alternative use to the hosts file

[edit] Custom hosts files

• Most Valuable Professional (MVP) site Updated monthly with free custom HOSTS file; information and instructions for installation. Focused on preventing unwanted advertisements & parasites. Numerous 3rd party awards and recognition(s). One of the best for lowest ads.
• XCIT DNS Service Updated frequently with an application which auto-downloads the hosts file to your system every 10 minutes. Intended as an ad-blocking service, but now domains mapped to IP addresses can be added via the registration page. These domains are added to the servers "hosts" file.
• Dan Pollock's hosts file A well maintained hosts file with updates almost daily
• Andrew Short’s Hosts file project – comprehensive hosts file
• HPHosts – An ad blocking hosts file
• The Security Now! podcast page on the hosts file
• Mikes Ad-Blocking hosts file – available as a direct download to merge in, or as an installer (last edited 2-13-07)
• SCoooBY’s Hosts File – A large list of ad servers
• Ad Blocking Lists – Peter Lowe’s List
• (French) Airelle Lists – Hosts files with a large blacklist of 500,000 sites
• Spybot - Search & Destroy has an advanced setting that adds a blacklist to your hosts file.
• DNS Flush Solution – Solution for Error DNS flush

[edit] Applications to Manage Hosts Files

• Abelhadigital’s HostsMan 3.1.55 – A freeware application for hosts file management with auto-updates
• Kimberly's Hosts Manager – Freeware Microsoft Windows hosts file manager, on the forum B.I.S.S-Bluetack Internet Security Solutions
• Funkytoad’s HostsXpert 4.3 – A free application to arrange, and edit hosts files
• Mike Meyer’s HostsToggle 2.1 – An open source hosts file tool
• KH Blocker – A free Microsoft Windows application which manages an ad-blocking hosts file
• Ray Marron's Hostess – Freeware Microsoft Windows hosts file manager.