What Is the /etc/hosts File and What is its Purpose?
The /etc/hosts or simply the Hosts file is a plain text file that maps IP addresses with their corresponding hostnames. Primarily, the Hosts file is useful when you are working on a local network of computers. It provides some simple sort of hostname resolution.
The /etc/hosts file is usually useful when we are not using DNS or NIS service for resolving IP addresses. In fact, when DNS did not exist, there were no centralized systems for resolving hostnames. Local networks and computers relied on their Hosts file. This file holds the entries for all the known hostnames and their corresponding IP addresses.
After DNS appeared on the scene, computers did not need this file and started using the DNS service for fetching hostnames. Despite these advances, the Hosts file is still relevant on modern operating systems.
What will we Cover?
In this guide, we will see what a Hosts file in Linux is, some use cases of this file, and an application of this file based on the use cases.
Use Cases of the Hosts File
We can assign a domain name to an IP address using the Hosts file. However, these changes are local and will work on the local computer.
The Hosts file is still relevant today, there are some specific use cases for the Hosts file as mentioned below:
- We have built a website, but it is not live on the web since we have not registered the domain name for it. However, if we have a registered IP address from our hosting, we can map this IP to a dummy or non-existing domain name and continue building our website.
Similarly, in a software testing environment, many web applications run on the local hosts address i.e. addresses of the type 127.0.0.1. Again, we can manage this using the Hosts file.
- In case we have migrated our website from one hosting to another one and we want to check the new hosting performance, we can connect our domain to the new hosting without closing our old hosting account. In this way, we can see how our website is loading from the new hosting.
- Suppose you want to block a website, like blocking Facebook on an educational system. We can easily do this by mapping the target domain name to an invalid address IP like 0.0.0.0. This will create a loopback. This is usually helpful for blocking non-educational websites in universities or blocking mature content for kids.
- When edited in a proper manner, the Hosts file can operate as a security firewall for a system.
Format of the /etc/hosts File
The Hosts file is located inside the /etc folder. The entries of the file are per line basis. For instance, every single line consists of a hostname followed by its IP address:
The IP addresses used here are either IPv4 or IPv6. These addresses and hostnames maintain a distance of any number white space or a distance of a tab character.
On all operating systems, the Hosts file has the same format. Let us see the contents of the file on a Linux system:
127.0.1.1 <hostname>
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
The Hosts file contains the entries for both the IPv4 and IPv6 addresses.
Application of the Hosts File
As mentioned earlier, we can use the Hosts file for blocking a domain. Let us take the case of blocking Youtube. Open the file:
and enter the below line:
Use the tab character to insert space between the IP address and its corresponding domain name.
Now, save and close the file. Open any web browser and try to navigate to youtube and see what happens:
We can see youtube.com is blocked and we are getting an ‘Unable to connect’ message. To unblock the site, we have to simply remove the above entry from the /etc/hosts file.
Access Control Files
Besides the plain Hosts file, we also have a /etc/hosts.allow file and a /etc/hosts.deny file.
These files, referred to as hostess access files, are used by TCP wrappers. These files decide whether a client machine can connect to a host.
When a TCP wrapped service gets a client request, it performs the actions below:
- Refer to the hosts.allow file: it sequentially reads this file and executes the first rule stated for that service.
- Refer to the hosts.deny file: it sequentially reads this file and if a matching rule is found, it does not accept the connection request. Otherwise access is granted to the requesting service.
The hosts.allow file decides which IP addresses can connect to a host. The /etc/hosts.deny file is used in conjunction with it.
Security Issues of the Hosts File
Although the Hosts file looks like a simple file, in some cases, for example, on Windows systems, malware like adware or spyware modifies the Hosts file to take the users to malicious websites.
If you are unsure about the health of your Hosts file, you can use Lynis system auditor for Linux. Lynis has its built-in test build for checking the security strength of your Linux system.
Also, try to keep the Hosts file at a minimum length. If you have too many systems declared inside the Hosts file, you should consider placing them in a different DNS zone.
Conclusion
The Hosts file is an old file on Linux, but still, it is a powerful utility. Right from local name resolving, it is an important part of many software and their development process. In this article, we have seen a basic introduction to the Hosts file in Linux. We have also shown how to block a website using the Hosts file. Also, we can use it to block banners, adware, and other third party page counters.
After reading this article, you should now know how to use the Hosts file for managing DNS queries as per our requirements.
