So what is hosts file
and how to use hosts file ?

To answer the question "What is hosts file?" we need to begin with some basics.

Every internet page has a number attached to it, called IP-address.(Short for Internet Protocol) When you write a URL in the browser address line, the internet browser needs to transelate the URL into an IP-address to know where to send you.(A browser is defined as a software used to explore or navigate the world wide web. Internet explorer is the most common one) The IP-addresses point to a specific server where the webpage can be found.

Initially, to get anywhere on the internet, you had to enter the exact IP-number for the browser to look up. However, the numbers were a bad solution because they were impossible to remember.(Unless you have really goos memory) Therefore the system changed to using domain names with a Domain Name Servers (DNS) connecting the IP-address and the domain name.

This means that when you enter a URL, for instance Yahoo.com, in your address line the browser contacts a Nameserver and gets the IP-address 204.71.200.67 where the web page is located.

The hosts file acts as a way to make surfing faster to your usual pages. You can take a shortcut by entering the IP-address in this file, located under the windows catalogue on your own computer. That way the browser uses it as a fast look up file and doesn't have to contact a DNS before going directly to the page specified in your hosts.

This can speed up your internet surfing because your browser has less travel distance. If the browser couldn't have found the URL in the hosts file, it would have contacted a DNS-server and connected the domain name to an IP-address.

Other uses are of the hostsfile are to block banners and advertisement sites and unfortunately the use of phishers to get a phishing victim to their bait site.

Let's look at some easy steps to use the hosts-file:

1. To understand how to use hosts file, you first need to find the location of hosts file, stated under for different operating systems. Although I think it's easier just to do a search for it.

Win95/98 hosts file location:
Windows 95/98/Me c:\windows\hosts

Win2k hosts file location:
Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts

Xp hosts file location :
Windows XP Home c:\windows\system32\drivers\etc\hosts

You can find an example of a Hostsfile here: http://everythingisnt.com/hosts

2. Open it and let’s see how the browser is reading hosts file data:

The hosts file consists of an IP-address to which the browser is to goto when the domain name after is entered in the browser address line.

Ex:

(from a hypothetical hostsfile)
127.0.0.1 annoying-commercial.com
204.71.200.67 anypage.com

The Ip-address 127.0.0.1 is the machine's local address. This means that the first line blocks all contact with annoying-commercial.com by linking it to the computer self. This will give the browser a busy signal, and it will give up trying to find it. Hence any links to annoying-commercial.com won't make it to your machine. This is a usual way of blocking unwanted advertising web pages.

By entering anypage.com in the address line, your browser will be directed to 204.71.200.67 which is the Yahoo directory.

3. Under a phishing attack, a Trojan virus can modify the hosts file to point your real bank’s domain to a fake, duplicated, bank site administrated by the phisher:

(fake bank IP) Real bank domain
67.47.46.179 http://www.US.Bank.com

This would send you to the fake bank IP when entering http://www.US.bank.com in the address line of your browser.

The problem with this type of phishing is that it doesn't require a bogus website, so it's harder to see through for both the victim and eventual anti phishing software.

This technology is both new and old. It has been seen for some time in the virus and spyware industry, but now it seems like phishing attacks also begin to pick up the pace! It may seem like the profit potential of the phishing industry is starting to attract earlier developers of virus, which may indeed be bad news for internet banking.