Ettercap Spoof Problem - (Message: apache/2.2.16 Server at www.xxx.com Port 80)

[Porsuk]

Hello everyone. First, I need to mention that I made a serious deep research before I am posting this. If you really know my answer is on google/this forum or somewhere please gently just say there is answer and I won't bother. I am seriously scared of posting something...

I am using dns_spoof plugin with ettercap (not gui). When I forward any website to any local ip or other websites ip's I receive this message when I try to connect those spoofed websites.

I changed etter.conf for ip tables. Changed etter_dns as I wanted. Then, ettercap -T -q -M arp:remote -P dns_spoof // (actually at this point I used almost every option that might have helped.) I am using Bt5 and all injection and other stuff works perfectly. Network card: Atheros AR5BXB63)

I am not using SET, just forwarding. Whatever I do I receive this message from all computer on the network when I type the spoofed websites:

Here, this is what explorer message looks like when I spoof www.cnn.com to www.toshiba.com...

Index of /
apc.php
chive/
mrtg/
mysql/
mysql2/
Apache/2.2.16 (Unix) Server at www.toshiba.com Port 80

I appreciate your help. I couldn't find any similar problem mentioned here. Again, if I am doing something seriously stupid, please tell me gently. I posted this after 15-20 days search. Just give me a clue, that's all I want. Thank you.

[thorin]

Doing a quick google search that index listing appears for a few different results. What IP addresses do www.toshiba.com and www.cnn.com resolve to when you're spoofing?