DNS on Linux, localhost & URL Anatomy

You already know DNS turns names into IPs. Now let's see where that happens on your own machine.

DNS mapping in Linux

Two files do most of the work:

• /etc/hosts, a manual, local list of name → IP mappings. Your computer checks this first, before asking any DNS server. Great for testing; also a classic place malware adds fake entries.
• /etc/resolv.conf, tells your system which DNS servers to ask when a name is not in /etc/hosts.

# /etc/hosts
127.0.0.1   localhost
10.10.10.5  target-01

The vocabulary that ties it together: a client sends a request, a server sends a response; DNS maps a domain name to an IP address.

Loopback / localhost

127.0.0.1  →  always points back to your own computer

127.0.0.1 (name: localhost) is the loopback address. Traffic to it never touches the network card, it loops straight back inside your machine. That is why developers run a local web server and visit http://127.0.0.1:8080 to test before anyone else can reach it.

Anatomy of a URL

A URL packs several of the things you have learned into one string:

https :// example.com : 443 / login ? next=/home
  │         │           │     │        │
scheme     host        port  path    query

• scheme, the protocol (https)
• host, the domain name (resolved by DNS) or an IP
• port, which service (often hidden; defaults to 443 for https)
• path, which resource on the server
• query, extra parameters after ?

Reading a URL well is a security skill: the difference between saarathiacademy.com and saarathiacademy.com.np (or a sneaky @ in the host) is exactly what phishing relies on, which is the next lesson.

Try it

In the terminal, cat hosts.txt to read a sample hosts file, and grep target hosts.txt to search it. Then dig example.com to see the DNS path that /etc/resolv.conf would send you down.