https://www.youtube.com/watch?v=FpYXZXZaNP4

Udemy Generic 300x250

Before DNS servers were in use, Windows computers used a “Hosts” file to map an IP address to an easy to remember name (like itflee.com). This host file still exists, so let’s go take a look at it. Open Windows Explorer and navigate to “C:\Windows\System32\Drivers\etc\”. We are looking for a file called “hosts”.

In order to edit this file, you will need to open a text editor with administrative rights. Click the Windows Button and search for Notepad. Right click notepad and select Run as administrator.

Next drag the hosts file into the text editor. You will now see the contents of the hosts file and are free to make changes.

This file is commonly manipulated by hackers to do what is called DNS poisoning. Meaning, they enter a different IP address for a commonly website like facebook.com, but instead of putting FaceBooks IP address they put in the IP address of a malicious website that looks like FaceBook but instead steals user names and passwords or other personal information.

To help you understand how this file works, let’s create an entry called mytestentry and map it to a loopback IP address. A loopback IP address (127.0.0.1) references the computer you are currently logged in to. First, let’s open Command Prompt and attempt to ping mytestentry and see what happens.

Of course, there is no host name called mytestentry because our DNS server does not have a record of it, and it is not in the hosts file. So now we are going to create an entry for it.

Go back to notepad and at the bottom of the hosts file type 127.0.0.1 mytestentry. The 127 IP address is the loopback IP we talked about earlier, and mytestentry is the host name we want to reference this IP address. Save the file and switch back to Command Prompt. Press the up arrow to select the command we entered before, and press Enter.

Now we can see that we were able to ping mytestentry. We can see that it attempted to ping at 127.0.0.1 and got a reply. Of course we could have used any host name we wanted to, but for this example I wanted to use something that likely was not in use.

Now the last thing we need to do is remove the entry from our hosts file as we no longer need it. Go back to Notepad and remove the line we had just added and save the file once again. Notice that if you go back to Command Prompt and attempt to ping mytestentry it will again say it could not find the host.

An import fact for you to keep in mind is that the hosts file only affects the local computer and has no effect on any other computers on the network. So you if tried to ping mytestentry from another computer on your network it would not be able to find the host because each computer only looks at its own hosts file and not any other computer’s hosts file.

Comments

comments

Get Your Free Video Course!

Get the premium video course titled "Build Your Own Windows Server IT Lab" for free by subscribing to our newsletter!

Confirm your email address and we will send you the course!