Some1 "mirror" my website with an address

**709394** · 08-12-2006, 04:53 PM

Let me explain. I have created a dynamic website, http://mywebsite.com/ and I found out that there is a website( http://somewebsite.com) that is exactly the same as mine. At first, I thought that my server was hacked and some1 stole my source code and dumped at http://somewebsite.com. But when I change the content on http://mywebsite.com/, the changes appear at http://somewebsite.com.

I have no idea what is happening to my website? Can some1 help?

**deathadder** · 08-12-2006, 05:06 PM

That could easily be done by setting the IP address held by a DNS server for somewebsite.com to the IP address of the server running mywebsite.com.

**709394** · 08-12-2006, 05:15 PM

In that case, what can I do? I don't own http://somewebsite.com.
I thought that I own the IP of mywebsite.com and no 1 can use it.

**je_fro** · 08-12-2006, 06:36 PM

anyone can redirect traffic to any IP. I could point jeffrey.homelinux.org to justlinux.com if I wanted.

**709394** · 08-12-2006, 07:40 PM

If, as a user, I enter my username and password through jeffrey.homelinux.org instead of justlinux.com, will the 1 controlling jeffrey.homelinux.org be able to get the username and the password?

**je_fro** · 08-12-2006, 11:05 PM

Yes, that could be what they're after...capturing the username and passwords of people who think they are logging into your server.

**bwkaz** · 08-13-2006, 03:19 PM

Originally Posted by 709394

If, as a user, I enter my username and password through jeffrey.homelinux.org instead of justlinux.com, will the 1 controlling jeffrey.homelinux.org be able to get the username and the password?

Absolutely not, IF all that they control is the DNS. Because HTTP (or web-form based) authentication does not happen across DNS, it happens over HTTP, and if they're serving up a DNS record that points to the same IP as justlinux.com, the actual HTTP traffic will still only be going to justlinux.com.

Now, if they've set up a site that (for some reason) just proxies over to the "real" site (by taking your request, re-submitting it to the real site, then returning whatever comes back), then yes, they might be able to get the username and password. That's why login screens should always be HTTPS protected. (And yes, I know, JL's is not. Not much I can do about that one though.)

**soulestream** · 08-13-2006, 05:06 PM

2 questions.

How long was this? Did you just setup the website? If so DNS may have not had enough time to catch up.

How do you know that? How does one find out that another domain is linking to them? Are you sure you don't have two domains. For instance i have soule.homelinux.com and mysite both listed from dyndns. They point to the same address, which I did on purpose.

Guess that was more than 2.

Soule

**je_fro** · 08-13-2006, 07:26 PM

I was thinking this is a situation like if I were to register jjustlinux.com and make pages that look exactly like the justlinux.com main page and login page. That way, I could trick users who make typos into giving up their name/pass. But I guess this is a different situation.

Thread: Some1 "mirror" my website with an address

Thread Tools

Display

Some1 "mirror" my website with an address

Posting Permissions