force webpage to a workstation?
Results 1 to 7 of 7

Thread: force webpage to a workstation?

  1. #1

    force webpage to a workstation?

    Hi sorry I havent looked through the FAQ yet for this but I figured it'd be a specific/complex enough question that it's not in the FAQ and my laptop's almost dead w/o my p/s around... hopefully this is just a quick answer for somebody with more knowlege than myself, I'll try to check tomorrow for any replies... can anyone explain to me (the theory) of ... say there's workstation A- logged on to the internet, surfing webpages, and there's workstation B (say someone like a spammer or advertiser who would want to deliver a webpage to workstation A for marketing purposes with their message and or slogan)...

    say workstation B wants to send- or rather *force* a page open (like a popup) on to workstation A's box... isn't port 80 in like a "listen" mode normally for requests?? or... basically what I'm wanting to know is what stops this?? Or is it not normally prevented? I will search the faq for how popups work... maybe that's what I should be reading to answer my question. Just in case, I'll post this. Thanks for any help!!

  2. #2
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    popups are normally generated by code on the web page you are looking at (very simple java) or by malware on your computer executing a script that causes programs like messenger or your internet browser to "pop up" a window pointing at a webpage. Generally pop up blockers work by prevent this code from fully executing. So work station B doesnt really do the work, it is just a script on your computer or on a web page you are looking at. To block pop ups, download firefox for one, run adaware/spybot/tons of other really good free tools and cheer as they delete all the bad scripts and prevent more from comming.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  3. #3
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Originally posted here by XTC46
    run adaware/spybot/tons of other really good free tools
    I still can't believe in this day and age there is a need for this many tools in order to just keep your computer running. Sure everybody runs a firewall and an A/V scanner, but think about the time and processing power required to constantly run these tools to keep your computer running well enough to... well, run.

    I could advocate moving to Linux but that's not a topic here. What I will say is that if there is any crackdown on cybercrime the authorities should start with spammers first and foremost, phishers and scammers alike.

    Direct spamming could be done theoretically IMO. But AFAIK HTTP still uses SYN/ACK for communication, which means you'd need to access a site for the request to be valid. I guess spoofing a connection wouldn't be a big idea but... why bother when there's so many sites ripe with possibilities?
    /\\

  4. #4
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    Sure direct attacke are possible but the purpose of spam is to hit large amounts of people, direct attacks would take alot more resources then sticking malware on a box through an email or messing with the code for a web page.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Yeah it would take more resources from the attacker... it's no longer relay servers that are getting clobbered with spam, and direct attacks woould involve somewhat of a fixed base of operations [which a laptop in a netcafe parlour won't suffice for]

    But, theoretically speaking, it can be done... As said, there's no justifiable reason for a spammer to waste his/her time and money on something like that.
    /\\

  6. #6
    Junior Member
    Join Date
    Jul 2004
    Posts
    15
    scary... but related link http://www.evilscheme.org/defcon/


    -shell coder

  7. #7
    Senior Member
    Join Date
    Dec 2004
    Posts
    107
    I know I'm a little late, but if you were trying to redirect someone's browser, there are basically a few ways to do it. Posters before me indicated some of them, while there are still other ways to do it.

    For instance, if you had access to Workstation A's host file, you could set a random website (such as google) to direct to another page.

    I've had another problem with my Belkin Wireless router. The router would intercept a port 80 request every 8 hours and display their parental control ad page (much to my annoyance). I found out since, one has to turn this "feature" (in Belkin's words) off in parental controls, but as you can imagine, this was VERY unnerving especially if you were in the middle of, say, a credit card transaction or online homework. Makes you think what other kind of information Belkin intercepts, what they send to whom (maybe your web usage statistics in the best case scenario), etc...

    That's all I got, hope you're not using Belkin (for anything important).

    -ik

    P.S. thanks shell_coder for the excellent link
    Alright Brain, you don\'t like me, and I don\'t like you. But let\'s just do this, and I can get back to killing you with beer.
    -- Homer S.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •