Examine Unexpected Changes In Your /etc/hosts File

Updating the hosts file is super easy! Any sed, echo, or vim command will work.

You’re perfectly safe if all changes come only from automation and your code is bug-free.

But in reality, you might get surprises, especially when people change the file manually.

My suggestion? Before making any changes, confirm that all customizations are expected. If not, abort the changes with proper alerting.

Update /etc/hosts With Everything Expected



First, try your best to avoid hacking /etc/hosts. If you have to, make sure all changes are designed and expected.

Well, I understand, we are not living in a perfect world. We get surprises occasionally.

Here are the typical ones:

  1. Wrong bindings will result in unexpected behaviors.
  2. Duplicated bindings are useless.
  3. Unexpected bindings may bite you later.


Now we know the kinds of unexpected bindings. But how do we detect them easily?

Here comes python-hosts-tool.py on GitHub.

The tool takes a whitelist file as input. It then checks whether any unexpected bindings are found. (Note: duplicated and conflicting bindings also count.)
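A minimal sketch of this kind of whitelist audit, added here as an illustration; it is not the code of python-hosts-tool.py. It assumes the whitelist uses the same syntax as /etc/hosts, and the function names and sample data are hypothetical.

```python
from collections import defaultdict

def parse_hosts(text):
    """Return (ip, hostname) pairs; comments and blank lines are skipped."""
    bindings = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:  # an address followed by at least one name
            bindings.extend((fields[0], name.lower()) for name in fields[1:])
    return bindings

def audit_hosts(hosts_text, whitelist_text):
    """Report bindings that are unexpected, duplicated or conflicting."""
    allowed = set(parse_hosts(whitelist_text))
    seen, ips_by_name = set(), defaultdict(set)
    report = {"unexpected": [], "duplicated": [], "conflicting": []}
    for ip, name in parse_hosts(hosts_text):
        if (ip, name) in seen:
            report["duplicated"].append((ip, name))
            continue
        seen.add((ip, name))
        # Per address family: 127.0.0.1 plus ::1 for localhost is no conflict.
        ips_by_name[(name, 6 if ":" in ip else 4)].add(ip)
        if (ip, name) not in allowed:
            report["unexpected"].append((ip, name))
    for (name, _family), ips in sorted(ips_by_name.items()):
        if len(ips) > 1:
            report["conflicting"].append((name, sorted(ips)))
    return report

# Constructed sample data (assumption: the whitelist uses hosts-file syntax).
SAMPLE_WHITELIST = """\
127.0.0.1 localhost
::1       localhost
10.0.0.5  db01 db01.internal
"""
SAMPLE_HOSTS = """\
127.0.0.1 localhost
::1       localhost
10.0.0.5  db01 db01.internal   # written by automation
10.0.0.5  db01                 # duplicated binding
10.0.0.9  db01.internal        # conflicts with 10.0.0.5
192.0.2.7 repo.example.com     # manual edit, not whitelisted
"""

if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS, SAMPLE_WHITELIST)
    print(result)
    raise SystemExit(1 if any(result.values()) else 0)  # non-zero aborts the job
```

The non-zero exit status lets a wrapper script or scheduled job stop before it edits the file and raise an alert.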


So do you feel this way is safer than a reckless sed or echo command?

Even better, you can create an hourly Jenkins job to run periodic checks, if necessary.

Give it a try now. And let me know what you think.


Blog URL: https://www.dennyzhang.com/audit_hostsfile

