0%

0/1 Lessons

Course Introduction

• 10min

0 / 2 lessons complete

DNS Basics

• 1hr 16min

0 / 8 lessons complete

DNS Resource Records

• 46min

0 / 5 lessons complete

DNS Zones

• 3hr 41min

0 / 12 lessons complete

DNS Delegation

• 50min

0 / 4 lessons complete

DNS Security Techniques

• 36min

0 / 5 lessons complete

Advanced DNS Topics

• 22min

0 / 5 lessons complete

DNS Security (DNSSEC)

• 1hr 16min

0 / 6 lessons complete

DNS Policies

• 54min

0 / 6 lessons complete

PowerShell for DNS

• 1hr 27min

0 / 6 lessons complete

Troubleshooting DNS Issues - Troubleshooting Tools

• 1hr 39min

0 / 8 lessons complete

The Hosts File

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

Before DNS servers were in use, Windows computers used a “Hosts” file to map an IP address to an easy to remember domain name (like itflee.com). This host file still exists, so let’s go take a look at it. Open Windows Explorer and navigate to “C:\Windows\System32\Drivers\etc\”. We are looking for a file called “hosts”.

In order to edit this file, you will need to open a text editor with administrative rights. Click the Windows Button and search for Notepad. Right-click notepad and select Run as administrator.

Next, drag the hosts file into the text editor. You will now see the contents of the hosts file and are free to make changes.  

This file is commonly manipulated by hackers to do what is called DNS poisoning. Meaning, they enter a different IP address for a commonly website like facebook.com, but instead of putting FaceBooks IP address they put in the IP address of a malicious website that looks like FaceBook but instead steals user names and passwords or other personal information.  

To help you understand how this file works, let’s create an entry called mytestentry and map it to a loopback IP address. A loopback IP address (127.0.0.1) references the computer you are currently logged in to. First, let’s open Command Prompt and attempt to ping mytestentry and see what happens.

Of course, there is no hostname called mytestentry because our DNS server does not have a record of it, and it is not in the hosts file. So now we are going to create an entry for it.

Go back to notepad and at the bottom of the hosts file type 127.0.0.1 mytestentry. The 127 IP address is the loopback IP we talked about earlier, and mytestentry is the hostname we want to reference this IP address.

Save the file and switch back to Command Prompt. Press the up arrow to select the command we entered before, and press Enter.  

Now we can see that we were able to ping mytestentry. We can see that it attempted to ping at 127.0.0.1 and got a reply. Of course, we could have used any hostname we wanted to, but for this example, I wanted to use something that likely was not in use.

Now the last thing we need to do is remove the entry from our hosts file as we no longer need it. Go back to Notepad and remove the line we had just added and save the file once again. Notice that if you go back to Command Prompt and attempt to ping mytestentry it will again say it could not find the host

An import fact for you to keep in mind is that the hosts file only affects the local computer and has no effect on any other computers on the network. So you if tried to ping mytestentry from another computer on your network it would not be able to find the host because each computer only looks at its own hosts file and not any other computer’s hosts file.

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

0 0 votes
Lesson Rating
Subscribe
Notify of
profile avatar
0 Comments
Inline Feedbacks
View all comments