From owner-freebsd-questions  Wed Apr 10 12:25: 4 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from tomts13-srv.bellnexxia.net (tomts13.bellnexxia.net [209.226.175.34])
	by hub.freebsd.org (Postfix) with ESMTP id A9FF737B43C
	for <freebsd-questions@FreeBSD.ORG>; Wed, 10 Apr 2002 12:24:38 -0700 (PDT)
Received: from xena.gsicomp.on.ca ([65.95.178.46])
          by tomts13-srv.bellnexxia.net
          (InterMail vM.4.01.03.23 201-229-121-123-20010418) with ESMTP
          id <20020410192437.GZJY25090.tomts13-srv.bellnexxia.net@xena.gsicomp.on.ca>;
          Wed, 10 Apr 2002 15:24:37 -0400
Received: from xena.gsicomp.on.ca (xena.gsicomp.on.ca [192.168.0.3])
	by xena.gsicomp.on.ca (8.11.3/8.11.3) with ESMTP id g3AJD7705293;
	Wed, 10 Apr 2002 15:13:07 -0400 (EDT)
	(envelope-from matt@xena.gsicomp.on.ca)
Date: Wed, 10 Apr 2002 15:13:07 -0400 (EDT)
From: Matthew Emmerton <matt@gsicomp.on.ca>
To: Lord Raiden <raiden23@netzero.net>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Good spoof page for Apache??
In-Reply-To: <4.2.0.58.20020409233418.0095a220@pop.netzero.net>
Message-ID: <Pine.BSF.4.21.0204101512030.5286-100000@xena.gsicomp.on.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


Rather than going ot all the trouble of "spoofing", why not have Apache
return a 403 error (authorization required) for people accessing outside
of the office.  You can do this based on IP (although I don't have any
examples handy.)


-- 
Matthew Emmerton      || matt@gsicomp.on.ca
GSI Computer Services || http://www.gsicomp.on.ca

On Tue, 9 Apr 2002, Lord Raiden wrote:

> 	Hi all.  I'm looking at taking one of our servers that's supposed to be 
> for office use only and open it up to the outside.  There's nothing secure 
> on it, but I don't want just anybody surfing to it and browsing around.  So 
> what I was thinking of doing was in order to fool the average joe who might 
> get there by accident or intentionally, I want them to think they have 
> recieved a standard browser error and then leave.
> 
> 	I've thought about modifying the browser error that IE gives, but I'm not 
> sure that will work.  I want it to look like a legitimate client side error 
> when they hit the website, yet I want those who know the proper access URL 
> to still be able to access the site remotely.  For example, "mydomain.com/" 
> would show the mock error, yet "mydomain.com/login.cgi" would still get 
> them to where they needed to go.  I just need a way to spoof an error, not 
> generate a real one to help keep out nosy bypassers.  Any ideas?
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message