


With self-signed certs the onus is on the client to APPROVE the cert. If you know where the certificate came from and can verify it when you approve it, then it's as good as any CA-signed cert. DNS spoofing is moot since the spoofed server doesn't have the matching key. CA tree checking is just a different way of finding someone who can vouch for the certificate.


On 3/9/2017 4:14 PM, Rob Berendt wrote:
Let's say amazon.com is normally 208.1.2.3

I hack your DNS and it now thinks that amazon.com is 208.4.5.6.

We are NOT talking about redirects which take you from amazon.com to
fraud.com! Your URL still says amazon.com even though you are going to
the wrong IP address. And what user verifies the IP address? Now, if
your browser allows self-signed certificates then I simply self-sign a new
certificate to amazon.com and put it on my fraudulent 208.4.5.6 site.
Then, as far as you know you are at the real amazon.com.

Ok, internally. I know that if I go to corp.dekko.com it should be an
internal site. That should be safe, right? On there you enter a user and
password and look at your W2 information. So now I hack our DNS and point
it to an outside address with a self-signed certificate and as far as you
know you're still using the internal site, right? Again, what user checks
the IP address? After all, the URL still says corp.dekko.com, right?
Again, we are NOT talking about redirects! This is why many sites do not
even allow them to work internally. Because you may say it's internal and
should be trusted. But that can easily be hacked.


Rob Berendt
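
An added example, not part of the original thread: one way a client can "approve" a specific self-signed certificate is to pin its SHA-256 fingerprint, obtained out of band, so that a different self-signed certificate carrying the same name is rejected even when DNS points at another address. The function names, the host name and the two byte strings standing in for DER certificates are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for two DER certificates that both claim the same name.
REAL_CERT = b"constructed-der: CN=corp.example.test key=A"
SPOOF_CERT = b"constructed-der: CN=corp.example.test key=B"


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def normalize(fp: str) -> str:
    """Accept both 'AA:BB:..' and 'aabb..' forms of a fingerprint."""
    return fp.replace(":", "").replace(" ", "").lower()


def matches_pin(der_cert: bytes, approved_fp: str) -> bool:
    """True only if the presented certificate is the exact one approved."""
    return hmac.compare_digest(fingerprint(der_cert), normalize(approved_fp))


def connect_pinned(host: str, port: int, approved_fp: str, timeout: float = 5.0):
    """Open a TLS socket that trusts only the approved certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # the name alone proves nothing here
    ctx.verify_mode = ssl.CERT_NONE  # no CA chain; the pin is the trust decision
    raw = socket.create_connection((host, port), timeout=timeout)
    # A completed handshake means the server holds the private key that
    # matches the certificate it presented.
    tls = ctx.wrap_socket(raw, server_hostname=host)
    der = tls.getpeercert(binary_form=True)
    if der is None or not matches_pin(der, approved_fp):
        tls.close()
        raise ssl.SSLError("certificate does not match the approved fingerprint")
    return tls
```

The pin has to come from somewhere other than the connection being checked, for example read off the server console or handed over by the administrator.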



This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited.
