Edit /etc/hosts in Linux.


The hosts file has priority over DNS. When you type in the domain name you want to visit, the domain name must be translated into its corresponding IP address. The operating system first checks its hosts file for the corresponding domain, and if there is no entry for the domain, it queries the configured DNS servers to resolve the specified domain name. A hosts file entry affects only the computer on which the change is made, not how the domain is resolved worldwide.
This means that you can use the hosts file either to supply entries that the DNS servers can't provide or to override the IP addresses that your DNS servers would normally provide.

A bit of history: before DNS came online, this file held all the hostnames and IP addresses for the entire Internet. Yes, the entire Internet. System administrators would periodically download updated copies of this file from a central repository. Even by the early 1980s, it was almost impossible for admins to keep up as more and more hosts came online, even when the network was still mostly limited to universities and research labs, so DNS was created. This made the hosts file largely obsolete when dealing with the public Internet or even more than a few machines, but it's perfect for managing your local machine and a small local network like your Wi-Fi. Nowadays, this file will typically contain the hostname you chose for the Linux machine when you installed it and the localhost definition, which is the minimum required to use the network.

Hosts File Format

Entries in the hosts file have the following format:

IPAddress DomainName [DomainAliases]

The IP address and the domain names should be separated by at least one space or tab. The lines starting with # are comments and are ignored.
Below is a sample hosts file:

# Static table lookup for hostnames.
# See hosts(5) for details.

127.0.0.1 localhost
127.0.1.1 snubmonkey.local snubmonkey

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet

Changes to the hosts file take effect immediately, except where applications cache the file.

Rules for Naming Hostnames

There are certain rules for naming hostnames in the hosts file so that the system can resolve them to the provided IP address.

The rules are as follows:

  • Hostnames should not start with a hyphen or a special character except a wildcard character such as an asterisk.
  • The specified hostname should only contain alphanumeric characters, a minus sign (-), and/or a period (.).
  • The hostname should only begin and end with alphanumeric characters.

Case study #1


In the example below, hostnames have been defined for each of snubmonkey's four computers and their Linksys router. Each computer can be accessed by using one of two names (for example, darkchild.snubmonkey.com or just darkchild), except the last one, which has three names.

# Static table lookup for hostnames.
# See hosts(5) for details.


127.0.0.1     localhost
192.168.1.1   linksys 
192.168.1.10  batman.snubmonkey.com batman
192.168.1.17  cat.snubmonkey.com catman
192.168.1.23  octopus.snubmonkey.com octopus
192.168.1.34  darkchild.snubmonkey.com darkchild

Case study #2

I have a local website running on port 8080, and I want to use the domain batman.local.
Since the domain batman.local is not a valid domain, I cannot rely on DNS to resolve it.
Hence, I can edit the hosts file as follows:

$ sudo nano /etc/hosts
and add the following:
127.0.0.1 batman.local *.local

# Static table lookup for hostnames.
# See hosts(5) for details.

127.0.0.1 localhost
127.0.1.1 batman.local *.local

#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet


Now, open the browser and navigate to the address:

http://batman.local:8080

The website hosted on the specified port will load.

Case study #3


The next use case is to block a website by redirecting the traffic to an invalid IP address.

# Static table lookup for hostnames.
# See hosts(5) for details.

127.0.0.1 localhost
127.0.1.1 batman.local *.local
127.0.0.1 facebook.com

#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet

Now, open the browser and navigate to facebook.com. As you can see, the address does not resolve to the right address despite my internet connection working correctly.

This site can't be reached

127.0.0.1 is the loopback IP address, which always points back to your own system. Since the website isn't stored on your machine, your browser will say the site can't be found. It is now effectively blocked.

Also, a simple ping shows that the address resolves to the localhost as shown below:

$ ping -c 4 facebook.com

OUTPUT 

PING facebook.com (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.071 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.071 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.170 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.135 ms

--- facebook.com ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.071/0.112/0.170/0.043 ms



Risk factor for hosts files


Unfortunately, the hosts file is also a popular target for malware, which infiltrates the system and can change the file by itself. This can lead to users being directed to dangerous sites, as well as to certain addresses being blocked, e.g. the servers of anti-virus program providers, meaning that their applications can no longer update. However, with a good firewall and an active virus scanner, you can usually prevent unauthorized access to the file. It also does no harm to check the file for unwanted entries from time to time.
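
The periodic check suggested above, as an added example that is not part of the original article: a short Python script that parses entries in the IPAddress DomainName [DomainAliases] format described under Hosts File Format and flags lines that deserve a manual look. The sample file, the expected_suffixes allowlist, the watchlist and the names av-vendor.example and bank.example are constructed for illustration; treating single-label names as local is an assumption of this example.

```python
import ipaddress

# Constructed sample. For a real machine use audit(open("/etc/hosts").read(), ...).
SAMPLE = """\
# Static table lookup for hostnames.
127.0.0.1 localhost
127.0.1.1 snubmonkey.local snubmonkey
192.168.1.10 batman.snubmonkey.com batman   # office desktop
127.0.0.1 updates.av-vendor.example
203.0.113.7 login.bank.example
203.0.113.9 batman
not-an-ip broken.example
"""

def parse_hosts(text):
    """Yield (line_no, ip, names) per entry; comments and blank lines are skipped."""
    for line_no, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()  # separators are spaces or tabs
        if fields:
            yield line_no, fields[0], fields[1:]

def audit(text, expected_suffixes=(".local",), watchlist=()):
    """Return [(line_no, finding)] for entries that deserve a manual look."""
    # expected_suffixes: domains you mapped on purpose (hypothetical allowlist).
    # watchlist: domains that should never be overridden, e.g. update servers.
    findings, first_ip = [], {}
    for line_no, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((line_no, f"invalid IP address {ip!r}"))
            continue
        for name in (n.lower() for n in names):
            # Same name on two lines with different addresses: one is unintended.
            if first_ip.setdefault(name, ip) != ip:
                findings.append((line_no, f"{name} already mapped to {first_ip[name]}"))
            expected = "." not in name or name.endswith(tuple(expected_suffixes))
            if any(name == w or name.endswith("." + w) for w in watchlist):
                findings.append((line_no, f"watchlisted {name} overridden to {ip}"))
            elif not expected and addr.is_loopback:
                findings.append((line_no, f"{name} blocked via loopback {ip}"))
            elif not expected:
                findings.append((line_no, f"{name} overrides DNS with {ip}"))
    return findings

if __name__ == "__main__":
    for line_no, finding in audit(SAMPLE, (".local", ".snubmonkey.com"), ("av-vendor.example",)):
        print(f"line {line_no}: {finding}")
```

Run against the hosts file from Case study #3, the script reports the facebook.com line as blocked via loopback, so deliberate blocks belong in a reviewed baseline and anything outside it is worth investigating.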