In computing, a host file, stored on the computer's filesystem, is used to look up the Internet Protocol address of a device connected to a computer network. The host file describes a many-to-one mapping of device names to IP addresses. When accessing a device by name, the networking system will attempt to locate the name within the host file if it exists. Typically, this is used as a first means of locating the address of a system, before accessing the Internet domain name system. The reason for this is that the host file is stored on the computer itself and does not require any network access to be used, whereas DNS requires access to an external system, which is typically slower.

The host file is generally named "hosts" and is located in the following directories for each operating system:

• Linux and other Unix related operating systems - /etc
• Windows 95/Windows 98/Windows Me - C:\windows\
• Windows 2000/Windows XP - %SystemRoot%\system32\drivers\etc\
• Windows NT - C:\winnt\system32\drivers\etc\
• Mac OS - System Folder:Preferences or System folder (format of the file may vary from Windows and Linux counterparts)
• Mac OS X - /etc/hosts (uses BSD-style hosts file)

One use of the host file is ad filtering. This is accomplished by adding a line to the file that maps an ad server's hostname to 127.0.0.1 (home IP) or 0.0.0.0 (no IP). Then, when an internet-capable program attempts to contact the advertiser, its request is rerouted and no advertisement can be loaded. Since no additional programs are necessary to do this, host file based ad-blocking has a near-zero memory and CPU footprint, as well as requiring no loading time.

For example, if you wanted to block Doubleclick ads, you could add the following to your host file:

127.0.0.1 ad.doubleclick.net

or

0.0.0.0 ad.doubleclick.net

Another example, if you wanted to block Google Adsense ads, you could add the following to your host file:

127.0.0.1  pagead.googlesyndication.com
127.0.0.1  pagead2.googlesyndication.com
127.0.0.1  adservices.google.com

or

0.0.0.0  pagead.googlesyndication.com
0.0.0.0  pagead2.googlesyndication.com
0.0.0.0  adservices.google.com

The hosts file can also be used in malicious ways by the authors of Spyware and Viruses. It is similar to ad blocking with the hosts file, but instead of redirecting advertising servers to dummy ones, popular websites are redirected to an advertiser's server. This technique is known as Hijacking. The Qhosts Trojan hijacked many search engines such as Google and AltaVista and redirected them to a site specified by the author.

Other Malware such as Mydoom.B may just block the user from visiting sites about security and the removal of viruses. These sites included the makers of popular anti-virus software and Microsoft's Windows Update page to make the removal of the software more difficult for novice users.

How do you prevent hijacking of the hosts file? The only solution requires realtime monitoring software such as Microsoft AntiSpyware "Hosts Monitor", which will warn you if anything attempts to edit the hosts file. Changing the properties of the hosts file to read-only is completely ineffective. Malicious software can simply change the file's attribute value. Commercial software like ZoneAlarm and Spybot - Search & Destroy have a feature to "lock" the hosts file. This does nothing more than set it to read-only.

When a program hijacks the host file, it may be necessary to restore it.

1. Identify the location of the host file for your operating system
2. Create a backup copy
3. Open it with a basic text editor such as Notepad or vi
4. Remove all entries for the sites which are hijacked. Some may have been added for legitimate programs. Always be sure to back up your host file. By default, most systems will only have the following line:

127.0.0.1        localhost

1. Save the file
2. Restart your computer (Windows)

• SCoooBY's FAV FREE APPs SCoooBY's huge AD Blocking Hosts File.
• Hosts file project Comprehensive Hosts file by Andrew Short
• Blocking ads on the Internet with a list of ad server hostnames and IP addresses
• HOSTS Project A Massive listing of ad servers.
• Bluetack HOSTS File and Manager A massive HOSTS file based off of four other sources.
• The Webhelper One of the Bluetack HOSTS file sources.
• Andrew Clover Another Bluetack HOSTS file source, dealing with spyware/adware.
• Eric L. Howes contains many good links for security and HOSTS file related stuff.
• MVPS HOSTS another Bluetack HOSTS source, excellent HOSTS file.
• HPguru's HOSTS file his download and research site.
• Gorilla Design Studios HOSTS Outdated (since 2003) HOSTS file
• Mikes Ad-Blocking HOSTS file available as a direct download to merge in, or as an Installer.
• Dan Pollock's HOSTS File Pretty thorough website, lots of comments, lot of work went into this as shown in his credits.
• SSMedia HOSTS file and Utilities HOSTS file here, available in a weird upload, and then download what isn't there type format. Neat site.
• General Internet Security Forum requires registration to view the HOSTS file though...
• DataDragon's HOSTS file Another HOSTS file site, not updated anymore though.
• Aldo's HOSTS Manager 1.4 simple merge HOSTS file utility
• HostsMan 2.1 is a freeware application that lets you manage your Hosts file with ease.
• HOSTS File Myth Explains why using the HOSTS file to stop Malware is false security.