The Importance of Windows Hosts File - How to Use Your Hosts File on Windows Workstations and Windows Servers
This article explains how the Windows operating system makes use of the popular Host file, where it is located for various operating systems, how it can be used to manipulate DNS lookups and redirect DNS lookups to different IP addresses and hosts.
What is the Domain Name System?
The Internet uses a standard domain name resolution service called the DNS or the Domain Name System. All devices on the Internet have a unique IP address, much like the postal addresses people use. On the Internet, any device wanting to connect to another can do so only by using the IP address of the remote device. To know the remote IP address, the device has first to resolve the remote domain name to its mapped IP address by using DNS.
The device queries the DNS server, usually configured by the local router, by requesting the server for the IP address of that specific remote domain name. In turn, the DNS server may have to query other similar servers on the Internet until it is able to locate the correct information for that domain name. The DNS server then returns the remote IP address to the device. Finally, the device opens a connection directly to the remote IP address to perform the necessary operations.
An Alternative Method – the 'Hosts' File
Querying the DNS server to connect to a remote device can be a time-consuming process. An alternative faster method is to look up the hosts file first. This is like the local address book in your mobile, which you can consult for quickly calling up commonly used telephone numbers. All operating systems use a hosts file to communicate via TCP/IP, which is the standard of communication on the Internet. In the hosts file, you can create a mapping between domain names and their corresponding IP addresses.
You can view the contents of the hosts file in a text editor. Typically, it contains IP addresses and corresponding domain names separated by at least one space, and each entry on its own line. By suitably manipulating the contents of the hosts file, it is very easy to interchange the IP address mappings of Google.com and Yahoo.com, such that when searching for Yahoo your browser will point to Google and vice versa!
Most operating systems, including Microsoft Windows, are configured to give preference to the hosts file over the DNS server queries. In fact, if your operating system finds a mapping for a domain name in its hosts file, it will use that IP address directly and not even bother to query the DNS server. Whatever entries you add to your hosts file, they start working immediately and automatically. You will not need to either reboot or enter any additional command to make the operating system start using the entries in the hosts file.
Understanding Domain Name Resolution on Windows
Windows machines may not always have a hosts file, but they will have a sample hosts file named as lmhosts.sam. You will find the hosts file and lmhosts.sam file in the following location for all Windows opertating systems, including Server editions:
Figure 1. Hosts & lmhosts.sam files in File Explorer
In case the hosts file is missing, you can copy the lmhosts file to hosts and use it as you wish after editing it in Notepad.
Getting The Most Out of Your Hosts File
The Windows hosts file is a great help in testing new machines or deployment servers. You may want to set up and test online servers, but have them resolving only for your workstation. For example, your true web server may have a domain name www.firewall.cx, while you may have named your development server development.firewall.cx.
To connect to the development server from a remote location, you could change www.firewall.cx in your public DNS server to point to development.firewall.cx, or add an additional entry in the public DNS server. The problem with this method is that although you would be able to log into your development server, so would everyone else as the DNS server is publicly accessible.
So, instead of adding or changing resource records on your public DNS server, you can modify the hosts file on the computer that you will be using for connecting to the remote development server. Simply add an entry in the hosts file to map development.firewall.cx or even www.firewall.cx to the IP address of your development server. This will let your test bed computer connect to your development server without making the server publicialy discoverable via DNS.
Another great usage of the hosts file is to block Spyware and/or Ad Networks. Add all the Spyware sites & Ad Networks domain names in the Windows hosts file and map them to the IP address 127.0.0.1, which will always point back to your machine. That means your browser will be unable to reach these sites or domains. This has a dual benefit.
You can download ready-made hosts files that list large numbers of known ad servers, banner sites, sites giving tracking cookies, sites with web bugs and infected sites. You can find such hosts files on hpHosts Online and the Hosts File Project. Before using one of these files in your computer, it would be advisable to backup the original file first. Although using the downloadable hosts files is highly recommended, one must keep in mind that large hosts files may slow down your system.
Usually, Windows uses a DNS Client for caching previous DNS requests in memory. Although this is supposed to speed up the process, having simultaneously to read the entire hosts file into the cache may cause the computer to slow down. You can easily fix this by turning off and disabling the unnecessary DNS Client from the Services control panel under the Administrative Tools.
The Windows hosts file can be found on all Window operating systems, including server editions. If used with care, the Windows hosts file can be a powerful tool. It can make your computer environment much safer by helping to block malicious websites and at the same time potentially increasing your browser speed.