What is the Hosts File?
The hosts file in Microsoft Windows can be used to define an IP (Internet Protocol Address) to a friendly name such as www.brighthub.com. Having this information in the hosts file makes your connection faster and more efficient. While it is not practical to enter every website into the hosts file, frequently used websites can be entered for this faster resolution method. Below is an example of your hosts file’s last lines. 127.0.0.1 is the loopback address for your computer on IPv4 and ::1 is the loopback address for your computer on IPv6.
# 126.96.36.199 rhino.acme.com
# 188.8.131.52 x.acme.com
# x client host
If you wish to connect to a website you can type in the IP address of the website, hit the space bar approximately five times and enter the web address.
If you don’t know the IP address, ping the website to get the web address.
You can also use nslookup www.yourwebsite.com to get all of the IP addresses. If you want an entry, click after the localhost and hit enter. On the next line, type the ip address and url:
To Change the Host File in Vista
- Click on Start -> All Programs -> Accessories
- Right click on "Notepad" and select "Run as administrator" (You have to Run as administrator to change the hosts file in Vista.)
- Click "Continue" if you are prompted by the UAC.
- Click File on the menu and click on Open.
- Use Windows Explorer to navigate to "C:\Windows\System32\Drivers\etc".
- Change the file type drop down box from *.txt" to "All Files (*.*).
- Select the "hosts" file and click "Open". (This will open the file with admin privileges.)
- Make your changes and click Save.
Malicious Changes to the Hosts File
Some malware programs will change your hosts file by entering your homepage or commonly used sites with a false ip address. Because Windows checks this file first, you will be redirected to a page that you don’t want. This is a form of browser hijacking. If your hosts file has changed, programs such as ComboFix can reset the hosts file and remove malicious software. You can manually reset the host file by following the above steps and only have the entries- 127.0.0.1 localhost and ::1 localhost.