> -----Original Message-----
> From: JobOberio - My List Mail [mailto:mylistmail at gmail dot com]
> Sent: Thursday, 16 December 2004 06:16
> im curious about this idea.
> i know this is bad, but for education purpose only.
> and i will not do this
> you can add a dns map to your monowall
> YAHOO.COM to 192.168.1.2
> in your 192.168.1.2 webserver
> you create a similar content for yahoo.
> when your user type yahoo.com in your browser,
> they will be redirected to 192.168.1.2 unknowingly
> your users sign-in into the spoof yahoo site.
> i never done this, so any comments?
This has been a standard way for many, many years to block/redirect
sites internal to your network. For example, if you host a website -
say, www.example.com - in your DMZ, then typing "www.example.com" from
in your LAN will generally cause an error to be displayed as the
firewall will not route packets from the Internet claiming to be from
the local subnet, to the DMZ. So placing "172.16.1.21 www.example.com"
in the hosts file on the firewall resolves this issue.
Also, it has been a standard way for many, many years to block access to
popup generating sites and sites with "questionable" content - redirect
these to 127.0.0.1 or another web server on your LAN that serves "No
Ads" type images.
So, as an administrator of your LAN, if you choose to use these methods
for nefarious purposes, in a business environment you should (with any
luck) end up in jail. If it is a home LAN, then you should end up with
a good ar53 kicking. :)
Hilton Travis Phone: +61 (0)7 3344 3889
(Brisbane, Australia) Phone: +61 (0)419 792 394
Manager, Quark IT http://www.quarkit.com.au
Quark AudioVisual http://www.quarkav.net
http://www.threatcode.com/ <-- its now time to shame poor coders
into writing code that is acceptable for use on today's networks
War doesn't determine who is right. War determines who is left.