Tuesday, June 21, 2005

Don't forget, you have a hosts file


I was playing around in my office today, and one of our very smart interns was working on setting up Remote Web Workplace such that he can do some testing. Unfortunatley, he didn't want to register a domain with his server, but still wanted to get the domain experience...

Using some old-school Windows technology, we figured it out. Simply by adding the server's IP address to the c:\windows\system32\drivers\etc\hosts file, we were able to make the server www.usa.gov, without actually getting the domain name.

Sure, it's brute force, and impossible to manage, but hey, it got the job done for a test environment when DNS needed to resolve the server name.

3 comments:

Anonymous said...

I've had clients in the past who were using login script pushes to distribute a common hosts file in environments where an internal DNS server was out of the question (don't ask).

Nowadays, "old-school" techniques like host file massaging are also being used by viral code and spyware to "hijack" individual machines after infection. In fact, when troubleshooting sporadic Internet access issues at client sites, our techs are instructed to check the hosts file for any mods.

It is a bit better now that SP2 has added alerting for hosts file changes. But we still face the issue of users not being sure what a hosts file is, and allowing a malicious change "just to make that stupid box in the corner go away."

Sean Daniel said...

I totally agree with you that it's a pain. XP SP2 doesn't show the toast for system changes, that's the Microsoft Anti-spyware remover, which I absolutely love. Although I totally do see your point, I have to force myself to read it, and barely read it when I'm installing applications.

happyfunboy said...

i too am a big fan of ms anti-spyware.

figured you might like this:

Top 10 Rides If Microsoft Owned Disneyland