What exactly is the use of IP address 127.0.0.1? Alright, I heard it’s a
loop-back address. Well, why exactly is it called a loop-back address or local
host? What exactly does it do? I use a VPN (Hotspot Shield) and they have
disabled torrents. Now, I heard that someone said to use this proxy 127.0.0.1
with port 8118. Now, my question is what exactly happens when you use this loop
back address? Is your default IP exposed? I’m just confused with this IP
address?
In this excerpt from
Answercast #60, I look at ways to use a loop-back IP address on a
computer.
Localhost IP address
127.0.0.1, more frequently referred to as local host, is a special case IP
address. It is an IP address that is always defined to be “this machine.”
So, if you’re on a machine that is trying to connect to 127.0.0.1 in effect,
the connection loops back. In other words, the machine tries to go out to
connect to that IP address but instead, it comes back and connects to itself.
That’s why they call it a loop back. If you try and connect out to 127.0.0.1,
it will actually appear as an incoming connection as well on that IP
address.
Anything you send out to that IP address goes to your machine; the same
machine that you’re sending from.
Now, why would that be used? Well, it’s used in many cases because you want
to fool a piece of network software, a piece of software that is expecting to
connect to some other machine on the net. You want to fool it so that instead,
it connects to other software on your own machine.
You can always define 127.0.0.1 as your own machine, “local host.”
Proxy server/software
Now, most commonly what happens is you end up running some kind of proxy
server/software on your machine and what it does is it starts listening on
127.0.0.1. It listens for connections. You then configure your software to use
the local host address. When it connects out to that address, it’s looped back
to the same machine where this proxy software is then listening for the
connection and connects to it.
So, it’s a way (like I said) to fool software that expects to connect to
another machine out on the internet to instead connect to software running on
the same machine.
Now, in the example that you’ve described, when you are using a proxy of
127.0.0.1 with port 8118, that won’t work without something else. There has to
be some kind of proxy software running on that machine that is listening on
port 8118 in order for whatever that is to work. So, there’s some instructions
here that are missing. There’s something going on here that hasn’t been
completely defined.
Typically, when proxy software is run on your own machine, the local host
address is a quick way to fool things like internet browsers or email programs
or whatever to connect to this software running on your machine instead of to
some remote software.
Next from Answercast #60 – Who is it safe to give my passwords to?
Leo,
I would love an article where you expand on this by explaining how the bad guys exploit it. I tend to learn best when I see something from two different angles and you have a way of making things more understandable when I’m just on the edge of understanding. Also, anyone else can feel free to expand on the forum too….I just can’t seem to wrap my mind around this localhost thing.
…OH, and how does the “HOSTS” file play into this?
The HOSTS file thing is actually pretty straight-forward, once you understand how web browsers access content on the internet.
Browsers get the content by going to a specific numerical address (e.g. 1.2.3.4). But since we humans would have a hard time remembering all those numerical addresses, we use names (e.g. ask-leo.com). So the first thing a browser does is look up the numerical address, and the first place it looks is the HOSTS file on your computer (mine is at c:\Windows\System32\Drivers\Etc).
By adding entries to the HOSTS file, you can redirect where the content is accessed from. For example, an entry of
127.0.0.1 ad.doubleclick.net
would tell your browser to access the content of ad.doubleclick.net on your own computer. And since you are not running a web host on your computer, or even if you are, you probably don’t have the file the browser is looking for in the correct directory structure, the browser can not access the content.
I use this to block a lot of the annoying advertising that are on websites that I frequent – you know, like that flashy ad that says in giant print that “hot singles in my area are dying to meet me”? You only need to get a few of the big advertising websites and suddenly the amount of advertising you see goes way down.
Of course hackers who could gain access to your HOSTS file (perhaps through getting you to unknowingly install a new HOSTS file) could wreak havoc. They could for example, make up an entry like:
1.2.3.4 yourbank.com
They could then set up a server at 1.2.3.4 that mirrors your bank’s website and get your banking information.