Fun with Hosts

FAIL (the browser should render some flash content, not this).

How to edit your hosts file to redirect urls, which is a fun way to play pranks at work or keep your kids off myspace!

Download in .ogv format

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

I am getting a

Anonymous's picture

I am getting a su:authentication failure , and how to do it using a sudo cmd. ty for the article :)

hackers know....

hoizonE's picture

hackers know that subverting the hosts file and dns's is as simple as using the ``host'' command and/or typing the url as
[http[s]?://] ip1.ip2.ip3.ip4 [:<80|8080|443>]

and when i say "hackers," what i mean is "kids trying their damnedest to access myspace"

they also happen to know that googling for domaintools.com will take them to a site that allows the finding of any dns/registrant info from a remote machine (ie. one that is not affected by the /etc/hosts or local dns changes). many other sites share this site ability (including most search tools, themselves).

and why not introduce this specific ability (changing expected hosts) from, say, iptables? that way, not only can you change the destination of myspace.com, but you can also log access attempts and log successful bypasses of the rule...

linux is not the only OS that has this nice little trick (M$, Sol, HPUX, BSD, et al., also have a hosts file to abide to).

microsoft doesn't exist!

Anonymous's picture

awesome. Now I can block websites on Linux without squid!

Oh, and I can make microsoft.com = youareanidiot.org.

w00t...

RE: Better ways...

Joe Tole's picture

Oh and djbdns keeps logs of all requests if you are really concerned about your kids going to microsoft.com. I know I would be. :O

Better ways...

Joe Tole's picture

When looking up a host name, you can use the command host or dig instead of ping. Ping sends extra data to the host when all you need is an IP address.

host -t a google.com
google.com has address 209.85.171.100
google.com has address 74.125.67.100
google.com has address 74.125.45.100

Also, DNS can be even more effective then a host file since DNS can do wildcards and afaik a host file cannot. djbdns is easy to setup for a cache (using dnscache) and tinydns as a resolver. You can tell dnscache to use a host of your choosing to resolve a domain name by creating a file named /etc/dnscache/root/servers/domain.tld with the IP. In this case you can run dnscache on your external IP and tinydns on your loopback. Create a file named /etc/dnscache/root/servers/microsoft.com which contains the IP address "127.0.0.1" where tinydns is listening and then create these entries in /etc/tinydns/root/data:

.microsoft.com:127.0.0.1:a
+microsoft.com:74.125.67.100
+*.microsoft.com:74.125.67.100

This will redirect all requests to anything.microsoft.com to the google IP address including www.microsoft.com, download.microsoft.com and even abc.def.ghi.jkl.microsoft.com. Wildcards FTW! ;)

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix