Host spoofing in Mac OS X

This is a handy way to test sites that are in the process of being moved from one domain to another, or even to create your own “invisible” internet.
Normally when a user requests something from a web-based domain, their computer will connect to a Domain Name Server (DNS) and request the correct IP address for that domain. As you can see for everything that is requested on a web site you will have at least one and possibly two net requests (one for the domain translation to ip and one for the asset itself) taking place. This can slow the whole process down.

What you can do is log a set of special domains (frequently used, personal, etc) in your /etc/hosts file. This is a kind of static file DNS server if you like. This is always consulted first and you can in fact use this technique to override any web address. By creating a web site that responds to requests on a certain domain (even if it’s not registered to that server) and by “spoofing the host,” you can create extremely secret / secure web servers as they have no visible presence on the internet, except to those users who have manually set their host files up.

We’ll be using vim which is a slightly nicer version of vi the linux/unix text editor. It’s a little unwieldy at first – all keyboard commands and odd-shortcuts but it’s a doddle to use once you’re comfortable with it.

Anyway, here’s how to do it:

1. open Terminal

2. type

sudo vim /private/etc/hosts

3. press I (for Insert)

4. scroll to the bottom

5. hit return to enter a space

6. type the following line

# TEMPORARY SPOOFED IP FOR TESTING

7. hit return to enter a space

8. type the following line

123.456.789.101 www.example_domain.com

where the ip address and the example domain are those that you wish to use

9. hit return to enter another blank line

it should look like this

# SPOOFED HOST
123.456.789.101 www.example_domain.com

10. hit escape

11. type

!wq

to save the file

¡IMPORTANT! You will have to re-start your mac to refresh it’s internal dns

Windows Users: It’s pretty much the same process, with the hosts file living in c:\windows\system32\etc\ (on WinXP) usually and you can edit the file notepad.

3 thoughts on “Host spoofing in Mac OS X

  1. NO NEED TO REBOOT

    my good friend Alan Ogilvie has just given me a handy tip.

    If you bring up a terminal window and type

    lookupd -flushcache

    that forces your Mac to clear and renew its DNS cache, meaning it should automatically update with the new spoofed addresses.

    This is handy if you’ve repointed a domain name and you’re waiting for it to propagate.

  2. Pingback: Yoshie

Leave a Reply