The /etc/hosts File Complete Guide for Linux

What is the /etc/hosts file and what is it for?

The /etc/hosts file, or simply the hosts file, is a plain text file that maps IP addresses to their corresponding hostnames. It is primarily useful when working on a local network of computers, where it provides a simple way of resolving hostnames.

The /etc/hosts file is mostly useful when we don’t use a DNS or NIS service to resolve hostnames. Before DNS existed, there were no centralized systems for resolving hostnames. Local area networks and computers relied on their hosts file. This file contains the entries for all known hostnames and their corresponding IP addresses.

After DNS appeared, computers didn’t need this file and started using the DNS service to look up hostnames. Despite these advances, the hosts file is still relevant on modern operating systems.

What will we cover?

In this guide, we’ll see what a hosts file is in Linux, some use cases of that file, and an application of that file based on the use cases.

Use cases of the hosts file

Using the hosts file, we can assign a domain name to an IP address. However, these changes are local and will work only on the local computer.

The hosts file is still relevant today. Some specific use cases for it are listed below:

  1. We have created a website but it is not online because we have not registered the domain name for it. However, if we have a registered IP address from our hosting, we can map that IP to a dummy or non-existent domain name and continue building our website.

    Similarly, in a software test environment, many web applications run on the localhost address, i.e. addresses of type 127.0.0.1. We can also manage this with the hosts file.

  2. If we have migrated our website from one hosting provider to another and want to check the new hosting performance, we can connect our domain to the new hosting without closing our old hosting account. This way we can see how our website loads from the new hosting.
  3. Suppose you want to block a website, e.g. block Facebook in an educational institution. We can easily do this by mapping the target domain name to an invalid IP address like 0.0.0.0. This creates a loopback. This is usually useful for blocking non-educational websites in colleges or blocking adult content for children.
  4. When edited properly, the hosts file can act as a security firewall for a system.

Format of the /etc/hosts file

The hosts file is located in the /etc folder. The entries in the file are made line by line. Each line consists of an IP address followed by its hostname and any aliases:

ip_address canonical_hostname [aliases…]

The IP addresses used here are either IPv4 or IPv6. The address and hostnames are separated by any number of spaces or a tab character.

The hosts file has the same format on all operating systems. Let’s see the contents of the file on a Linux system:

127.0.0.1 localhost
127.0.1.1 <hostname>

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

The hosts file contains the entries for the IPv4 and IPv6 addresses.

Application of the hosts file

As mentioned earlier, we can use the hosts file to block a domain. Let’s take the case of blocking YouTube. Open the file:

$ sudo nano /etc/hosts

and enter the following line:

0.0.0.0 www.youtube.com

Use a tab character to separate the IP address from the corresponding domain name.

Now save and close the file. Open any web browser, try to navigate to YouTube, and see what happens.

We can see that youtube.com is blocked and we get a “cannot connect” message. To unblock the site we simply need to remove the above entry from the /etc/hosts file.

Access control files

Besides the simple hosts file, we also have an /etc/hosts.allow file and an /etc/hosts.deny file.

These files, known as hosts access files, are used by TCP wrappers. They decide whether a client computer can connect to a host.

When a TCP-wrapped service receives a client request, it performs the following actions:

  1. Check the hosts.allow file: it reads this file sequentially and applies the first rule specified for this service. If a matching rule is found, the connection is allowed.
  2. Check the hosts.deny file: it reads this file sequentially and, if a matching rule is found, it doesn’t accept the connection request. Otherwise, access to the requested service is granted.

The hosts.allow file decides which IP addresses can connect to a host. The /etc/hosts.deny file is used in conjunction with this.

Hosts file security issues

Although the hosts file looks like a simple file, it can be abused: in some cases, for example on Windows systems, malware such as adware or spyware modifies the hosts file to redirect users to malicious websites.

If you are unsure about the status of your hosts file, you can use the Lynis system checker for Linux. Lynis has a built-in test setup to verify the security strength of your Linux system.

Also, try to keep the hosts file to a minimum length. If you have declared too many systems in the hosts file, consider placing them in a different DNS zone.
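One way to review a hosts file for the kind of tampering described above, as an added example that is not part of the original article. It parses the format shown earlier and flags malformed lines, names pointed at a routable address that is not in a baseline, and names mapped to two different addresses; the sample contents, the APPROVED baseline and the function names are constructed assumptions.

```python
import ipaddress

# Constructed sample contents; every name and address here is an example value.
SAMPLE = (
    "127.0.0.1\tlocalhost\n"
    "127.0.1.1\tworkstation\n"
    "0.0.0.0\twww.youtube.com\n"
    "203.0.113.7  www.example.com login.example.com  # unexpected entry\n"
    "::1\tip6-localhost ip6-loopback\n"
    "not-an-ip\tbroken.example\n"
    "10.0.0.8\tbuild.internal\n"
    "198.51.100.4\tbuild.internal\n"
)
# Hypothetical baseline of entries the administrator added on purpose.
APPROVED = {"build.internal": "10.0.0.8"}

def parse_hosts(text):
    """Split hosts-format text into (lineno, ip, names) entries and bad lines."""
    entries, bad = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on blanks
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            bad.append(lineno)                  # first field is not an address
            continue
        if len(fields) < 2:
            bad.append(lineno)                  # address without a hostname
            continue
        entries.append((lineno, ip, fields[1:]))
    return entries, bad

def audit(text, approved=APPROVED):
    """Return sorted (lineno, kind, name) findings for manual review."""
    entries, bad = parse_hosts(text)
    findings = [(n, "invalid", "") for n in bad]
    first_ip = {}
    for lineno, ip, names in entries:
        for name in names:
            if first_ip.setdefault(name, ip) != ip:
                findings.append((lineno, "conflict", name))
            local = ip.is_loopback or ip.is_unspecified   # 127.x, ::1, 0.0.0.0, ::
            if not local and approved.get(name) != str(ip):
                findings.append((lineno, "redirect", name))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Entries mapped to loopback or 0.0.0.0 are treated as local or blocking entries and are not reported; everything reported overrides what DNS would return and should be traceable to a deliberate change.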

Conclusion

The hosts file is an old Linux file, but it’s still a powerful utility. From local name resolution onwards, it is an important part of many software projects and their development processes. In this article we have seen a basic introduction to the hosts file in Linux. We also showed how to block a website using the hosts file. It also allows us to block banners, adware and other third-party page counters.

After reading this article, you should now know how to use the hosts file to manage DNS queries according to your needs.
