The hosts file is a plain text list of domain names and IP addresses. In the case of the Windows operating system, it is a file named hosts (but no extension), usually located in the etc. folder.
Hosts file
The hosts file is needed so that the operating system can map domain names to specific IP addresses. It is a simple text file and for Windows operating systems it is located in the system32 / drivers / etc / folder. Sometimes its location is redefined through the system registry. For Mac OS, the hosts file is usually located at / private / etc.
If you open the hosts file with notepad, you can see the following entry in it:
127.0.0.1 localhost
It means that your computer has an IP address of 127.0.0.1. This IP address is assigned to any home computer - this technique is called an "internal loop". It allows the server programs to work correctly when installed on the same computer as the client programs.
Modifying the hosts file
By changing the hosts file, you can block access to sites or redirect the user to IP addresses other than those registered in the DNS system.
For example, such a record will loop back to the computer all requests sent to the microsoft.com domain:
127.0.0.1 microsoft.com
And the next entry will redirect the user who typed the address "google.com" in the address bar of the browser to the Yandex search engine servers (IP 77.88.21.11 belongs to Yandex):
77.88.21.11 google.com
Hosts file and scammers
Attackers sometimes use this kind of redirection. They infect the computer with a virus that replaces the "native" hosts file with the one created by the hacker. In such a file, the addresses of all popular search engines, postal services and social networks are usually redefined to the IP of sites controlled by the attacker. The user does not notice the difference between a real and a fake site and tells hackers his personal data, passwords, etc. If you find suspicious entries in the hosts file on your computer (domains of search engines, social services, mail servers, instant messaging systems, etc.), immediately delete these lines.
To protect users from this kind of scammers, many software developers release programs that block the hosts file from changes or promptly inform the user about these changes. For example, many free firewalls have this feature.
