From owner-freebsd-questions  Tue Apr  9 20:33:29 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from raiden.jasnetworks.net (raiden.jasnetworks.net [65.194.248.251])
	by hub.freebsd.org (Postfix) with ESMTP id C85A337B417
	for <freebsd-questions@FreeBSD.ORG>; Tue,  9 Apr 2002 20:33:26 -0700 (PDT)
Received: from works (works.jasnetworks.net [192.168.0.2])
	by raiden.jasnetworks.net (8.11.6/8.11.6) with ESMTP id g3A3d7002223
	for <freebsd-questions@FreeBSD.ORG>; Tue, 9 Apr 2002 23:39:08 -0400 (EDT)
	(envelope-from raiden23@netzero.net)
Message-Id: <4.2.0.58.20020409233418.0095a220@pop.netzero.net>
X-Sender: raiden23@pop.netzero.net (Unverified)
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 
Date: Tue, 09 Apr 2002 23:39:51 -0400
To: freebsd-questions@FreeBSD.ORG
From: Lord Raiden <raiden23@netzero.net>
Subject: Good spoof page for Apache??
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

	Hi all.  I'm looking at taking one of our servers that's supposed to be 
for office use only and open it up to the outside.  There's nothing secure 
on it, but I don't want just anybody surfing to it and browsing around.  So 
what I was thinking of doing was in order to fool the average joe who might 
get there by accident or intentionally, I want them to think they have 
recieved a standard browser error and then leave.

	I've thought about modifying the browser error that IE gives, but I'm not 
sure that will work.  I want it to look like a legitimate client side error 
when they hit the website, yet I want those who know the proper access URL 
to still be able to access the site remotely.  For example, "mydomain.com/" 
would show the mock error, yet "mydomain.com/login.cgi" would still get 
them to where they needed to go.  I just need a way to spoof an error, not 
generate a real one to help keep out nosy bypassers.  Any ideas?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message