Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Hostname Resolution

Training Camp • Cybersecurity Glossary

What is Hostname Resolution?

Translating a human-readable hostname like www.example.com into the IP address devices use to connect - handled mainly by DNS, plus local hosts files and caches.

Glossary > Network Security > Hostname Resolution

Hostname Resolution — Translating a human-readable hostname like www.example.com into the IP address devices use to connect

Understanding Hostname Resolution

Hostname resolution is the process of translating a human-readable hostname, such as www.example.com, into the numerical IP address that devices use to locate and communicate with each other on a network. It bridges names that people remember and the addresses that routing and switching actually use, and is a prerequisite for nearly every networked connection.

Resolution is handled primarily by the Domain Name System (DNS), but a host checks sources in order: it may first consult a local hosts file and its DNS cache, then query a configured DNS resolver. The resolver, if it lacks the answer, walks the DNS hierarchy - root servers, then the top-level-domain servers, then the domain's authoritative name servers - to obtain the IP address (an A record for IPv4 or AAAA for IPv6). The answer is cached for a time defined by its TTL to speed up future lookups.

Hostname resolution matters for security because it is a high-value attack surface: if an attacker corrupts it, they control where users actually connect. DNS cache poisoning, rogue hosts-file entries, and spoofed responses can silently redirect a victim from a legitimate site to a malicious one for credential theft or malware delivery. Because classic DNS is unauthenticated and was historically sent in plaintext, defenses like DNSSEC (which signs records) and encrypted transport such as DNS over HTTPS or DNS over TLS exist to protect the integrity and privacy of resolution.

For example, a user types www.example.com into a browser. The operating system checks its hosts file and cache, then asks its DNS resolver, which returns 93.184.216.34. The browser opens a connection to that IP. If an attacker had poisoned the resolver's cache to return their own server's address instead, the user would unknowingly connect to a malicious clone - illustrating why authenticated, encrypted resolution matters.

Learn More About Hostname Resolution:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →