Hosts file

The hosts file is a sort of ‘mini DNS server’ on every Microsoft Windows system.

When someone types a URL into the web browser, the browser checks the local hosts file to see if the requested domain name is listed there, before it looks for a DNS server.

This is very efficient:

if the web browser finds a match in the hosts file, it doesn’t need to go looking on the Internet for a DNS server.

Unfortunately, writers of malicious code, spyware or phishing scams can tamper with the data stored in the hosts file.

For example, a cybercriminal might re-direct all search requests (through Google, Yahoo, etc.) simply by editing the hosts file:

listing these domain names but matching them to the IP address of a web site containing malicious code.

Or malware might prevent an Internet security program from updating itself by matching anti-malware domain names in the hosts file to the IP address of the victim’s computer.

Related Posts