At 05:51 AM 04/02/2002 -0800, Major Variola (ret) wrote: >And Morloch: your replacing DNS (as a vulnerable point of >failure/control) is a good idea. Of course, >AOL does this, with their own name space. But without their tightly >herded masses, or access to the Root Servers >you'll have to write a browser plug-in, or background daemon that >modifies the resolver's behavior, or extendable resolver. You could >append to Windows (et al) "hosts" file, and the normal resolver would >pick that up. I'm surprised there are no attempts to do that, but then, >there's the Network (aka FAX) Effect operating here. Does that >baptista.god fellow write code?
Doesn't take much in the way of code - most Windoze versions are willing to let you tell them up to three DNS servers to use, though sometimes on dialup connections you'll have to haggle with them about whether to accept DNS server addresses from the dialup instead of your dedicated ones. That means that as long as you've got some DNS server other than 127.0.0.1 to resolve queries for you, you can simply point your PC there.
