Hi everybody, The recent discussion on the IE bookmark problem made me think of some other ways you could force sombody to point their browser somewhere they were not intending to. My apologies if this is already well known and i'm wasting bandwidth. (which is probably the case) You will end up at abcnews.com instead of hotmail.com in this example Open up your windows host file and add an entry like: 204.202.136.30 www.hotmail.com I tested this with Netscape 4.08 Win98SE with proxies turned off. Now open up your web browser and tell it to go to www.hotmail.com if your proxy server settings are not forced you should end up at www.abcnews.com. I know this is silly, and rather obvious... just remember... this is not just limited to the web browser, your curcumventing a DNS lookup. eg: C:\WINDOWS>ping www.hotmail.com Pinging www.hotmail.com [64.4.44.7] with 32 bytes of data: Control-C C:\WINDOWS>echo 192.168.1.2 www.hotmail.com >> hosts C:\WINDOWS>ping www.hotmail.com Pinging www.hotmail.com [192.168.1.2] with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=38ms TTL=255 Ping statistics for 192.168.1.2: Packets: Sent = 1, Received = 1, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 38ms, Maximum = 38ms, Average = 38ms Control-C Tested the same thing under linux too... no suprises really I spose just something to ponder... Keep a tripwire DB. One last thing which is kind of off topic... has anybody seen some good papers that discuss loose source routing ? and how to set up a packet with LSR ? Suggestions, comments welcome. .MetsyS.
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 09:03:19 PDT