You need to sign up to get access!

Sign up to get full access to this course.

Sign up to access this lesson

Click here to sign up and get access to this lesson!

Saving Progress...

Before DNS servers were in use, Windows computers used a “Hosts” file to map an IP address to an easy to remember domain name (like itflee.com). This host file still exists, so let’s go take a look at it. Open Windows Explorer and navigate to “C:\Windows\System32\Drivers\etc\”. We are looking for a file called “hosts”.

In order to edit this file, you will need to open a text editor with administrative rights. Click the Windows Button and search for Notepad. Right-click notepad and select Run as administrator.

Next, drag the hosts file into the text editor. You will now see the contents of the hosts file and are free to make changes.  

This file is commonly manipulated by hackers to do what is called DNS poisoning. Meaning, they enter a different IP address for a commonly website like facebook.com, but instead of putting FaceBooks IP address they put in the IP address of a malicious website that looks like FaceBook but instead steals user names and passwords or other personal information.  

To help you understand how this file works, let’s create an entry called mytestentry and map it to a loopback IP address. A loopback IP address (127.0.0.1) references the computer you are currently logged in to. First, let’s open Command Prompt and attempt to ping mytestentry and see what happens.

Of course, there is no hostname called mytestentry because our DNS server does not have a record of it, and it is not in the hosts file. So now we are going to create an entry for it.

Go back to notepad and at the bottom of the hosts file type 127.0.0.1 mytestentry. The 127 IP address is the loopback IP we talked about earlier, and mytestentry is the hostname we want to reference this IP address.

Save the file and switch back to Command Prompt. Press the up arrow to select the command we entered before, and press Enter.  

Now we can see that we were able to ping mytestentry. We can see that it attempted to ping at 127.0.0.1 and got a reply. Of course, we could have used any hostname we wanted to, but for this example, I wanted to use something that likely was not in use.

Now the last thing we need to do is remove the entry from our hosts file as we no longer need it. Go back to Notepad and remove the line we had just added and save the file once again. Notice that if you go back to Command Prompt and attempt to ping mytestentry it will again say it could not find the host

An import fact for you to keep in mind is that the hosts file only affects the local computer and has no effect on any other computers on the network. So you if tried to ping mytestentry from another computer on your network it would not be able to find the host because each computer only looks at its own hosts file and not any other computer’s hosts file.

Sign up to access the rest of this lesson

You must either log in or sign up to access this lesson.

CURRICULUM

Course Introduction

• 10min

0 / 2 lessons complete

DNS Basics

• 56min

0 / 8 lessons complete

DNS Resource Records

• 45min

0 / 5 lessons complete

DNS Zones

• 4hr 11min

0 / 12 lessons complete

DNS Delegation

• 50min

0 / 4 lessons complete

DNS Security Techniques

• 36min

0 / 5 lessons complete

Advanced DNS Topics

• 22min

0 / 5 lessons complete

DNS Security (DNSSEC)

• 1hr 16min

0 / 6 lessons complete

DNS Policies

• 55min

0 / 6 lessons complete

PowerShell for DNS

• 1hr 27min

0 / 6 lessons complete

Troubleshooting DNS Issues - Troubleshooting Tools

• 1hr 39min

0 / 8 lessons complete