|
||||||||
Hi Job, > -----Original Message----- > From: JobOberio - My List Mail [mailto:mylistmail at gmail dot com] > Sent: Thursday, 16 December 2004 06:16 > > hi, > ------------------------------ > im curious about this idea. > i know this is bad, but for education purpose only. > and i will not do this > --------------------------- > > you can add a dns map to your monowall > > YAHOO.COM to 192.168.1.2 > > in your 192.168.1.2 webserver > you create a similar content for yahoo. > > when your user type yahoo.com in your browser, > they will be redirected to 192.168.1.2 unknowingly > > your users sign-in into the spoof yahoo site. > > i never done this, so any comments? This has been a standard way for many, many years to block/redirect sites internal to your network. For example, if you host a website - say, www.example.com - in your DMZ, then typing "www.example.com" from in your LAN will generally cause an error to be displayed as the firewall will not route packets from the Internet claiming to be from the local subnet, to the DMZ. So placing "172.16.1.21 www.example.com" in the hosts file on the firewall resolves this issue. Also, it has been a standard way for many, many years to block access to popup generating sites and sites with "questionable" content - redirect these to 127.0.0.1 or another web server on your LAN that serves "No Ads" type images. So, as an administrator of your LAN, if you choose to use these methods for nefarious purposes, in a business environment you should (with any luck) end up in jail. If it is a home LAN, then you should end up with a good ar53 kicking. :) -- Regards, Hilton Travis Phone: +61 (0)7 3344 3889 (Brisbane, Australia) Phone: +61 (0)419 792 394 Manager, Quark IT http://www.quarkit.com.au Quark AudioVisual http://www.quarkav.net http://www.threatcode.com/ <-- its now time to shame poor coders into writing code that is acceptable for use on today's networks War doesn't determine who is right. War determines who is left. |