Can you find an hidden domain on a server? [closed]
It's not really clear what you are asking.
In the best case, the hacker has to know the IP address and the domain name in order to access the server. Someone who just happens to visit the IP address cannot easily discover the name of the web site if the server's default configuration does not reveal it.
The crucial question then is how exactly the system is set up and whether that configuration can be trusted to not leak the information you want it to protect. We have no information about this, so the short answer is simply "it depends."
Still, someone who knows which domain name you are likely to use and who is specifically striving to access this particular server could perhaps find out by some means which IP address you are connecting to. If they have visibility into the network you are connected to, they would just have to look where the packets from your computer are going in order to discover this.
Depending on the risk scenario, you might want to consider adding additional layers of security around the system. Perhaps require authentication in order to access the server (and/or require a private SSL certificate), and/or use a VPN to hide the destination of your outbound traffic.
No, it is not possible. You can only know which domains this server is ready to serve either by the brute force (which is infeasible), or from side channels.
But the way you presented the idea creates issues.
The first: you are hijacking some others's domain. Never do this. You own example.com
means you can do anything under this domain three, so better use e.g. abracadabra.example.com
or jeug982-gu9fg.example.com
, or buy another domain, but don't hijack other's domains. You may continue to use hosts
or you may consider adding it to the DNS — this wouldn't change much; DNS is also non-traversable (DNSSEC — with NSEC3), e.g. you can't list all subdomains of some domain and what I said about web server applies here: only brute force or side channel.
Second: don't assume this is secure. While in theory this could be considered as a shared secret (e.g. password), in practice nobody will consider this name as a secret. For example, browser will display it in clear on the screen, so anybody staring into your screen may see this very secret name. You may use secret domain name for site admin panel for improved security, but don't rely on it and still implement proper authentication.