Take one DHCP server that allows you to set your hostname in DNS. Add a whole mess of workstations which are configured with the same search suffix as the DNS domainname. Then call yourself google. Set up a web server and catch all the people who are just typing "google" into their browsers. (I used a Python script to log the request, then 302 the user to google.com.)
host1.domain.edu - - [11/Apr/2008 14:38:27] "GET / HTTP/1.1" 302 -Optional: go phishing.
host2.domain.edu - - [11/Apr/2008 14:46:38] "GET / HTTP/1.1" 302 -
host3.domain.edu - - [11/Apr/2008 14:49:34] "GET / HTTP/1.1" 302 -
host4.domain.edu - - [11/Apr/2008 14:55:21] "GET / HTTP/1.1" 302 -
host5.domain.edu - - [11/Apr/2008 15:03:45] "GET / HTTP/1.1" 302 -
host6.domain.edu - - [11/Apr/2008 15:07:58] "GET / HTTP/1.1" 302 -
host7.domain.edu - - [11/Apr/2008 15:09:45] "GET / HTTP/1.1" 302 -
host8.domain.edu - - [11/Apr/2008 15:10:17] "GET / HTTP/1.1" 302 -
host9.domain.edu - - [11/Apr/2008 15:17:01] "GET / HTTP/1.1" 302 -
host10.domain.edu - - [11/Apr/2008 15:17:37] "GET / HTTP/1.1" 302 -
Optional part II: clobber the DNS entry for a legitimate host on the network and have REAL fun. (Yes, this works, at least in my environment.)
No comments:
Post a Comment