RE: (lame) spoofing DNS with hosts files...

[John Thornton <jthornton () hackersdigest com>]

Of course, this is not a security hole at all. Windows has the same 
feature. On NT or 2000 you can find the hosts file in 
%sysvol%:\WINNT\system32\drivers\hosts. Its a easy way to use a friendly 
name without having to mess with a DNS server. 

Yes, you could perform a MiM (Man in the Middle) attack by redirecting 
traffic to another site however it would require physical access 
to the machine, on top of that unless you know what you are after 
its not worth the headache. It would make more since to edit the 
proxy settings and catch all the web traffic with a MiM attack and 
a lot easier to do.

John Thornton  -  jthornton () hackersdigest com
Editor in Chief
Hackers Digest -  www.hackersdigest.com

H   A   C   K   E   R   '   S      D   I   G   E   S   T
-----------------------------------------------------------------
#1 for propeller heads
-----------------------------------------------------------------
www.hackersdigest.com