Anthony Oteri wrote:
> It also just occurred to me that you could simply use a virtual host
> in your apache configuration instead of running another instance of
> the web server. Simply set up a virt host on a high port, include the
> redirect in pf, and have the virtual host serve from a different
> directory.

This seems like a good opportunity, but remember, you're seeking to DENY a hostile
aggressor access to your webserver software. Netcat'ing something to them is a much more
bulletproof option. If you find a remote exploit in netcat, I'll give you a prize.
I actually used to do something just like this, but using cat inside of inetd.conf to
barf up a static error page from servers that people might have mistakenly accessed.
--
Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/
"I set the wheels in motion, turn up all the machines, activate the programs,
and run behind the scenes. I set the clouds in motion, turn up light and sound,
activate the window, and watch the world go 'round." -Prime Mover, Rush.
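
Having cat or netcat send a fixed page, as the reply describes, only works if the file already holds the complete HTTP response, because nothing on the listening side parses the request or generates headers. The script below is an added example, not from either poster; the 403 status, the `denypage` service name and the file paths are assumptions.

```shell
#!/bin/sh
# Added example: pre-build a complete HTTP response so that a listener which
# never reads or parses the request (cat under inetd, or netcat) can send it
# verbatim. The 403 status and all paths below are assumptions.

# build_response BODY_FILE
# Writes status line, headers and body to stdout. Header lines end in CRLF.
build_response() {
    body_file=$1
    # Content-Length is the byte count of the body; strip wc's padding.
    length=$(wc -c < "$body_file" | tr -d ' ')
    printf 'HTTP/1.0 403 Forbidden\r\n'
    printf 'Content-Type: text/html\r\n'
    printf 'Content-Length: %s\r\n' "$length"
    printf 'Connection: close\r\n'
    printf '\r\n'
    cat "$body_file"
}

# Usage: sh build_response.sh body.html > denied.http
if [ "$#" -ge 1 ]; then
    build_response "$1"
fi

# Hypothetical inetd.conf entry serving the pre-built file. "denypage" is a
# placeholder service name that would need a port in /etc/services, and the
# path is a placeholder. cat runs unprivileged and ignores the request:
#   denypage stream tcp nowait nobody /bin/cat cat /var/deny/denied.http
```

Rebuild the response file whenever the body changes, since the Content-Length header is fixed at build time.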