Webpage Mirage

Imagine that you have a domain (some_domain.com) and want another domain (some_other_domain.com) to point to the same files. While there are a number of ways to do this if you are running your own servers, but if you are using a hosting provider, most options are not available to you - or only at an extra cost.

A few months back I came across a rather unusual solution. I asked my hosting provider to implement this for me, and what they did is the following.

<html>
<frameset border="'0'">
<frame src="'http://some_domain.com'">
</frameset>
</html>



The result of this is when you go to some_other_domain.com, you will get the above html file, which contains a full screen frame that is actually some_domain.com. In most cases, the important thing here is the address bar. The address bar will reflect some_other_domain.com.

Essentially there is a mirage that you are on one domain, when the content is really coming from another domain.

I recently came across another use for this workaround. I have several files and links that are helpful in pursuing a CCNA. Directory Browsing works great for the files. If I delete a file or add a new file, the change will be reflected to the user when they next browse the directory. The problem is then links. A windows shortcut will not work directly from directory browsing, the user would have to download it to their computer and then open it as a windows shortcut - which is also limiting it to the windows platform. So I came up with what I thought was a clever little solution.

I created a very simple html file that simply redirected you to the desired destination - the user would never even realize it happened.


<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<title></title>
</head>
<body>
Redirecting to <a href="http://www.securecottage.com/demo/rsa2.html">http://www.securecottage.com/demo/rsa2.html</a>
</body>
<script type="text/javascript">
window.location = 'http://www.securecottage.com/demo/rsa2.html';
</script>
</html>



This worked great until one of my peers told me that the back button didn't work. Moments later it clicked - of course back doesn't work, back brings you back to this page - which then redirects you to the originally-desired page. Ever had to fight with the back button! This is usually why!

While I know I could write some javascript that would solve this problem. I decided to use the mirage approach. So the above is now:


<html>
<FRAMESET border='0'>
<FRAME SRC='http://www.securecottage.com/demo/rsa2.html'>
</FRAMESET>
</html>


There is a drawback here though - now it appears that my domain is hosting the above page when it really isn't (by just looking at the address bar). But given that I am just looking for a simple solution for a link; this does it as well as solves the back button problem and even has fewer lines of html.

Server 2003 FTP to SSH

I recently found myself needing to setup an FTP server on my MS Server 2003 back home. No big deal right!

I knew FTP required 2 ports, 21 and 20. I am using RRAS (Routing and Remote Access Server[Service]), and had opened up ports before, no big deal.

So I opened the ports and was able to open a connection, SUCCESS! Then i entered ls to list out the contents of the directory, and FAILURE!. After too long (way too long) on google. I learned that their are two modes passive and active. In active, the server tries to open then data connection with the client. (http://slacksite.com/other/ftp.html) Of course NAT is going to frown on that so passive dominates. In passive the client chooses a server port >1023 and initiates with the server. This got me really confused, cause I thought it was going to be port 20. I really don't want to open up a big range of ports (>1023) for ftp.

In the end, I decided FTP's model of 2 ports doesn't work for me and went with SSH, minutes later I was up and running.

So I installed http://www.freesshd.com/ on my server. Using the GUI I was able to start the service, add a user, and choose my directory. In RRAS I closed my ftp ports and opened 22 for SSH. And voila!

For a client I was using FileZilla for FTP and "knew" it wouldn't work with SSH, but tried it anyway. It worked!

Curious, I even found a web shell http://www.anyclient.com which will allow me to SSH into my files without having to install a client (java based). Keep in mind that using a web shell like this defeats the security part of SSH. Your password is transmitted to anyclient.com in clear text before it even touches SSH.

In the end, I am very disappointed with FTP and very impressed with SSH. I was even more impressed by the FTP clients that allow me to use SSH as if it were FTP.

I hope that this helps someone.