Comments on: MYSPACE SPOOFING ON LAN

Question: MYSPACE SPOOFING ON LAN

bloodniece — Thu, 09 Feb 2006 06:20:51 -0800

Can I redirect a request for a website to another website? E.G. On our LAN: user types www.myspace.com, user goes to another FAKE myspace.com with alternate content urging employee to work instead of flirt.

Is there a software package or is there some kind of fancy proxy DNS stuff I can do. There is a web server on our LAN that I can set this fake page up on.
I block the site using group policies (WIN SERVER 2003), but we should have more fun than that.

By: rabbitsnake

rabbitsnake — Thu, 09 Feb 2006 06:26:36 -0800

HOST file redirection is an easy way to redirect DNS calls to other servers. Look up HOST file on google and you'll get plenty of hits.

By: popechunk

popechunk — Thu, 09 Feb 2006 06:29:18 -0800

set your intranet DNS server(s) to be authoritative for myspace.com. Set a wildcard entry pointing to a web server whose only page says GBTW.

By: craniac

craniac — Thu, 09 Feb 2006 06:44:30 -0800

You are evil. :)

It would be funny if the fake myspace site had fake members who all talked in their profiles about how much they enjoy work, and working, etc. and how they love to go out with people who work hard and don't surf the net all day. You could call it "workspace".

By: phillygee

phillygee — Thu, 09 Feb 2006 06:47:39 -0800

You could definitely use the HOSTS file to do this if you want

If you're using XP go into the
C:\WINDOWS\SYSTEM32\DRIVERS\ETC
folder and open up the HOSTS file with notepad.

From there just add the IP you want to redirect to then the site you want to redirect from.

127.0.0.1 localhost
11.222.33.444 www.myspace.com

Like that

If I'm correct, that should take the person going to www.myspace.com to whatever the site is at the IP of 11.222.33.444

By: echo0720

echo0720 — Thu, 09 Feb 2006 06:59:55 -0800

My company just started using Blue Coat Web Filter to block me from visiting sites like Questionable content and Dooce (jerks!). Right now, when I try to access one of the sites it says this:

Access Denied (content_filter_denied)

Your request was denied because of its content categorization: "Adult/Mature Content;Society/Lifestyle"

For assistance, contact your network support team, referencing FCH2_Bluecoat.

Your request was categorized by Blue Coat Web Filter as 'Adult/Mature Content;Society/Lifestyle'.
If you wish to question or dispute this result, please click here.

But it might let you customize the page...

I hope it doesn't log how many times I try to view these sites, b/c I just did it like 4 times

By: shepd

shepd — Thu, 09 Feb 2006 07:18:31 -0800

More complicated, but way, way, way more useful: Force all internet access through a squid caching proxy. Now you can filter ads, you can save bandwidth, *AND* you can do all that fun stuff you mentioned. Oh, you can also rewrite pages so that instead of banning them / redirecting them, you could force the top half of the page to remind them that if it isn't a work site, they're risking their jobs!

And yes, it's free...

By: popechunk

popechunk — Thu, 09 Feb 2006 08:25:34 -0800

If you do use the local DNS trick (which is like 5 minutes of work, btw), you might also wish to have your network guy null-route the real IP(s) for myspace.com.

This will stop the average bear. shepd's squid proxy is a lot more work, but is far more powerful, and you could probably even prevent your more net-savvy users from digging around for other proxies on the net, in order to get around your hosts/DNS rule(s).

By: teece

teece — Thu, 09 Feb 2006 08:35:41 -0800

I use a squid proxy for doing something like this (although my reasons are much less nefarious).

It's far more flexible than your /etc/hosts file.

By: RikiTikiTavi

RikiTikiTavi — Thu, 09 Feb 2006 08:48:27 -0800

There are many ways of doing this, many of them free. For a commercial solution, check out something like Packeteer's PacketShaper which also will, for example, detect and stop P2P traffic and do bandwidth allocation.

By: matthewr

matthewr — Thu, 09 Feb 2006 10:00:05 -0800

echo0720: "I hope it doesn't log how many times I try to view these sites, b/c I just did it like 4 times"

It almost certainly does. Sorry 'bout that.

By: drstein

drstein — Thu, 09 Feb 2006 11:24:02 -0800

The HOSTS file ideas are not that great. Yes, they work - if you want to go manually touch each machine (or push it out as a batch job)

The easiest way is to do it on the DNS end, as others have mentioned. Make your DNS server answer for *.myspace.com - bam. Problem solved.

By: bloodniece

bloodniece — Thu, 09 Feb 2006 18:04:09 -0800

Wow, thanks for all the great tips.
I'm really not evil. I check Metafilter throughout the day :), but there are a couple of abusers really taking time to blog on Myspace (over 40 minutes at a time.)

The guy I'm after is actually a friend so the reward will be sweet.
Onetime, I made an exact replica of his Myspace page, blogs and all. I'm obsessed about his obsession, doh!
cheers!