An unprotected Windows computer connected to the Internet is in danger of being broken
into by outside intruders who continuously scan the Internet for security holes. Many
computers use a firewall for protection. Unfortunately, firewalls can be bypassed by clever
The Imaginary Web Server makes the attackers think that they have found a web server
which is no longer active. When they come to your computer, the server will give them an
error message and send them to some imaginary
place on the web. Now, don't worry, you will not be sending them to some
unsuspecting web site! Whiz Kid Technomagic has secured the imaginaryplace.com domain and
delegated the some.imaginaryplace.com subdomain, so they will, indeed, find the "new"
location of "your" web site. They will go there and leave your computer in peace.
Meanwhile, your computer remains perfectly safe from these attackers. No matter what
file they try to access on your computer, no matter what command they try to execute on
your computer, your Imaginary Web Server always reacts the same way. It never lets them
access the inside of your computer but always sends them off.
Some attackers try a different approach. Instead of trying to get to your files, they try
to upload files to your system. Often these are scripts or programs they want to run on your
computer. The Imaginary Web Server will, again, tell them there no longer is anywhere left
to upload files on your system and will send them away. Some attackers try to upload huge
files, just to keep your system busy and to slow down your Internet access. The
Imaginary Web Server just shuts the door on them. Other attackers try to sneak in a hidden
web server on your system and let that server cooperate with the attackers. But only one web
server can exist on your computer. With the Imaginary Web Server running, they cannot run.
And if they manage to start running first, the Imaginary Web Server will tell you that another
web server is already running (see the image in the upper right corner), so you can find it
and disable it.
Under normal circumstances, the Imaginary Web Server stays completely out of your way.
Once it is installed on your system, it runs automatically, even after you restart your
computer. If an attacker tries to access a web server on your system, the Imaginary Web
Server will send him away as described above. If some software tries to open up its
own web server, it will fail. And if it installs itself and run as soon as Windows
boots up and before it loads the Imaginary Web Server, you will see the error message
and know that some software created a secret web server. That is the only time you will
hear from the Imaginary Web Server.
If, some day you decide that you want to run a real web server on your system,
simply uninstall the Imaginary Web Server and reboot your computer. If you only want to
disable the Imaginary Web Server temporarily, press ctl-alt-delete. Windows will
present you with the Windows Task Manager. Select imaweb.exe from the
Processes section of the Manager and click on End Process. The Imaginary
Web Server will stop running. It will start running again once you restart Windows. Of course,
if you uninstall it, it will be gone completely and not run again (unless you reinstall
Any time you want to make sure that the Imaginary Web Server is really running, open
your web browser and type http://localhost in the address
window. Just about every modern computer is automatically configured to refer to any
local server as localhost. Alternately, you can just type in http://127.0.0.1, which, again, is your computer's own
IP address. Either address is visible only to your computer. And if Imaginary Web
Server is running on your computer, it will tell your browser to go to some imaginary place,
and it will. That is how you can test whether the Imaginary Web Server is properly
installed and running on your computer.
And feel free to test that the Imaginary Web Server always sends away anyone who is
trying to sneak in on you. No matter what tricks they try: http://127.0.0.1/cmd.exe, http:127.0.0.1/../../../", or even http://127.0.0.1/cgi-bin/default.asp,
it will always, always, always send them away from your computer. Of course, this
only works if you have the Imaginary Web Server installed on your system. Otherwise,
if you are lucky, any of those links will just fail. If you are not lucky,
however, all bets are off. You may be lucky today, and not tomorrow. Do not take your
chances, download the Imaginary Web Server now and install it on your computer.