Whilst being paranoid is a good thing, I don't see how (1) affects your situation. Whilst IP addresses can be spoofed, the sending of a packet with a spoofed IP address will never get a response from your server (because the server will send the response back to the spoofed source IP, not the sender's actual IP address). So what use is a spoofed IP address? It can be used to send a one-packet payload that might compromise your server, or it can be used to cause a DoS attack by opening TCP connections that the server isn't going to timeout quickly enough, or if the attacker can also hack routers, they may be able to have a response routed back to them (not usually an issue on the public internet). Cheers Ken -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Jon Molesa Sent: Thursday, 30 August 2007 10:56 AM To: thelist at lists.evolt.org Subject: Re: [thelist] 404 a Whole Sub-Domain Answer 1) Because IP's can be and are spoofed. or 2) Because I'm paranoid. :-) Basically the parking page confirms that a site exists at that address even though I have deny all in .htaccess. The welcome.conf on Redhat is has priority over .htaccess for no default index. I want to override that. *On Wed, Aug 29, 2007 at 04:40:59PM -0700 Brady Mitchell <mydarb at gmail.com> wrote: > Date: Wed, 29 Aug 2007 16:40:59 -0700 > From: "Brady Mitchell" <mydarb at gmail.com> > To: "thelist at lists.evolt.org" <thelist at lists.evolt.org> > Subject: Re: [thelist] 404 a Whole Sub-Domain > > > I'm looking for a way to 404 a whole sub-domain. > > > > I'm setting up a webservice on the sub-domain for internal use. I've > > got traffic deny except for a particular IP in .htaccess. I have a > > default page setup in /etc/http/conf.d/welcome.conf as a parking page. > > I either need to overide that, or just create an index.html that spits > > out 404 headers. > > I must not be understanding the problem properly. If you're denying > access to all but the one IP address that you want to have access to > this system, why do you need the additional 404? > > Brady > -- > > * * Please support the community that supports you. * * > http://evolt.org/help_support_evolt/ > > For unsubscribe and other options, including the Tip Harvester > and archives of thelist go to: http://lists.evolt.org > Workers of the Web, evolt ! -- Jon Molesa rjmolesa at consoltec.net if you're bored or curious http://rjmolesa.com -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !