Project 4-32 ways to substitute a fraudulent IP address..- You can open it through the notepad, go to C:\windows\system32\drivers\etc\hosts
- Go Windows explorer and go to C:\windows\system32\driver\etc\hosts, right click hosts and open with notepad.
At the end of the "hosts" file texts, is where all the local host table address is found. To insert new webpage, input with this format -> [IP ADDRESS] -> TAB -> [NAME OF WEBSITE].
In this practical, i am going to insert a fraudulent IP address, this can be done in 2 ways. First way is to attack the DNS server, second way is to change the "local host table". Fraudulent IP address can lead users to wrong site, attackers use this advantage to bring the user to infected website.
Insert google ip address [74.125.47.99] and input name as [www.course.com]. When user type
http://www.course.com/, it will then link them to "74.125.47.99" instead. Which mean if the user wants to enter course.com it will then redirect to google.com instead, because the IP address is being changed.
Below: Show that i was redirected to google.com, "notepad" shows that the local host table is being editied.
P1062344 posted during Wednesday, June 2, 2010 at 6:25 PM
![[Powered by Blogger]](http://buttons.blogger.com/bloggerbutton1.gif){kind=small}