Checking for a fully qualified host name for Linux systems

This topic provides information on how to verify a fully qualified host name for Linux®.

About this task

Linux uses a resolver library to obtain the IP address corresponding to a host name. The /etc/host.conf file specifies how names are resolved. The entries in the /etc/host.conf file tell the resolver library what services to use, and in what order, to resolve names. Edit the host.conf file using the vi editor to add the following lines:
# Lookup names through DNS first then fall back to /etc/hosts. 
order bind,hosts
# Machines with multiple IP addresses. 
multi on 
# Check for IP address spoofing.
nospoof on

The order option indicates the order of services. The sample entry specifies that the resolver library should first consult the name server to resolve a name and then check the /etc/hosts file. It is recommended to set the resolver library to first check the name server, bind file, and then the hosts file (hosts) for better performance and security on all your servers. You must have the DNS and BIND software installed for this configuration to work.

The multi option determines whether a host in the /etc/hosts file can have multiple IP addresses. Hosts that have more than one IP address are said to be multihomed, because the presence of multiple IP addresses implies that the host has several network interfaces.

The nospoof option takes care of not permitting spoofing on this machine. IP-Spoofing is a security exploit that works by tricking computers into a trust relationship that you are someone that you really are not. In this type of attack, a machine is set up to look like a legitimate server and then issue connections and other types of network activities to legitimize end systems, other servers, or large data repository systems. This option must be set ON for all types of servers.