The host file is best known by administrators for its misuse by malware creators (Pestilent Hordes). In this post I will describe the host file and three good reasons to use it.
The hosts file is a non-suffixed file that resides in the following location: c:\Windows\System32\Drivers\etc
Its purpose is to help resolve names to IP addresses much like DNS. The important thing to understand about the Hosts file is that it can be used to preempt DNS queries and thus the reason why Malware providers have been known to misuse the file. Here are some legitimate uses.
- To find internal resources to which there may not be a DNS entry or to which the DNS server may not be authoritative for. This is useful in migration and other scenarios where two distinct networks exist on separate subnets and IP ranges.
- In small networks where you do not have filtering of inappropriate websites the hosts file can be used to route website requests to the loopback IP otherwise known as 127.0.0.1. The net results is that the website will not resolve properly.
- In test scenarios in a development environment where you might want to test the resolution of names and various resources before the actual website goes public.
There are a number of other reasons why the Hosts file is useful however these are three which are used commonly.
For more information on the Hosts file:
Hosts file – From Wikipedia
Microsoft TCP/IP Host Name Resolution Order
Subscribe in a reader