Some of you may have heard about Windows hosts file. The hosts file is one of those things that don’t get a lot of attention. This is unfortunate since the hosts file plays a key role in internet networking.
The best way to explain the hosts file is through an analogy. Let us say you have a friend named John Doe. One day, you decided to give him a call. The first thing you need is his telephone number. You haven’t memorize his number so you go to your personal address/ telephone book – these days, it is more likely on your PDA. Unfortunately, you can’t find an entry for him. What’s the next thing you can try? You go to your 10 lbs. White Pages and look up his name. After flipping through the pages, you find his name and his telephone number. You’re going to have to learn some new terms in order to understand the hosts file. The first new word is “DNS” which stands for Domain Name System. Think of the DNS as a long list containing all the web addresses on the internet. The second word is “IP address,” which stands for Internet Protocol (IP).
Now, let’s go back to the hosts file. Each webpage has a unique URL and each URL has a corresponding IP address. For example, the URL www.yahoo.com has an IP address 220.127.116.11. You can enter either the URL or the IP address into the address bar and it will take you to Yahoo!’s homepage. Most people use the URL – it is a whole lot easier to remember www.yahoo.com than it is for IP’s 18.104.22.168. A PC’s hosts file is the “personal address/ telephone book.” And, the DNS server is the “White Pages.” When you type in a URL into the address bar and press enter, your computer will first try to find the corresponding IP address from the hosts file. If the URL is not listed in the hosts file, your computer will then communicate with a DNS server to look up the corresponding IP address.
The hosts file has its pro’s and con’s. Hackers have developed ways to edit any PC’s hosts file. First, let us talk about the bad news. Remember, the PC will first look at the hosts file before resorting to looking up an IP address on a DNS server. By editing the hosts file, hackers can redirect you to one of their sites or a porn site or use your imagination. For example, on an infected hosts file, you type www.citibank.com thinking you will be taken to Citibank’s homepage. But, instead, you are taken to a hacker’s fake Citibank homepage. The webpage look genuine and it is hard to tell the difference. When you type in your user id and password, the hackers collect that information and now have access to your bank account. There is an upside to the hosts file. You can edit your hosts file. If you know that a particular IP address leads to a malicious webpage then you can edit the hosts file to redirect the web browser to a dead end. A few good Samaritans have done the work for you. They collect URL’s that are known hacker sites. They then write up a hosts file, so when you inadvertently surf to a bad site, the hosts file redirects the web browser to a dead end.