What is the relation between
/etc/hosts
and
/etc/hostname
?
What are the uses of these files? What security threat they can represent?
/etc/hosts
is usually used to maintain tables mapping hostnames to IP addresses.
This file contains one entry per line, consisting of an IP address, a hostname, and an optional list of aliases for the hostname. The fields are separated by spaces or tabs, and the address field must begin in the first column.
Each entry on
/etc/hosts
maps a hostname to an IP address.
By default, there are only two entries in the file:
(1) defines the loopback mapping, which maps the localhost name and the IP 127.0.0.1
(2) maps a name for the host with the explicit IP address of the machine's network adapter.
127.0.0.1 localhost.localdomain localhost
174.46.1.2 veuler
The
/etc/hosts
provides a simple form of hostname resolution, and you may choose to use it even if you're using other naming resolution mechanism, such as DNS or NIS.
To add or remove hosts, or to reassign addresses, all you have to do is update the hosts file on all hosts.
You should try to keep the
/etc/hosts
file as short as possible. You can use the file to map all the hosts within a small private LAN, since this may improve performance of address resolution for the hosts within the local network. This is because it would be faster for an application to check the local
/etc/hosts
, than to send a request to the name server. However, for hosts outside the LAN, the general rule of thumb is that if a particular host has a DNS entry, it has no place in
/etc/hosts
.
The approach of using
/etc/hosts
as the network naming system, however, is suitable only for networks with a small number of hosts. As the number of hosts increases, the cost of maintaining
/etc/hosts
files in each server grows exponentially. This problem is similar to that faced by telephone companies in the
early years of the telephone system.
The file
/etc/host.conf
allow you to configure the order in which the resolver will use the various naming resolution mechanisms available on your network. You may also use this file to direct all applications to use
/etc/hosts
exclusively.
The entries in
/etc/host.conf
tell the resolver library what services to use, and in what order to resolve names.
# /etc/host.conf
# first check the local file, then send a request to DNS
order hosts bind
# Allow multiple addrs
multi on
option:
order
determines the order in which the resolving services are tried. Valid options:
bind
- for querying the name server
hosts
- for lookups in /etc/hosts
nis
- for NIS lookups
option:
multi {on|off}
Determines if a host in
/etc/hosts
is allowed to have several IP addresses (whether a server can be ``multi-homed''). The default value is off.
/etc/hostname
You can
temporarily set the hostname to
name with the command below. Remember that this change will be lost during the next reboot, however.
# hostname name
// usually you use this command to set the unqualified hostname
// so you would use 'vlab1' rather than 'vlab1.ptu.edu'
So,
how to find out and/or change the name of a host?
To
find out the name of a host, just type the command below. It will display the contents of the file
/etc/hostname
:
# hostname
veuler
To
see the fully qualified domain name of the host, you can either
(a) check
/etc/hosts
or
(b) use
# hostname --fqdn
veuler.math.ptu.edu
To
permanently change the name of a host you need to
update the
/etc/hosts
file. This ensures that the new name will persist after the next restart.
When an application needs to find out the name of the host where it is running, it often does it through a call to a function in the
resolverlibrary, which, on Linux, are part of the standard
libc. These functions check the
/etc/hosts
file for the hostname.
Sources:
Linux Network Administrators Guide (Kirch and Dawson 2000).
Hacker Linux Uncovered (Flenov 2005).