[Chugalug] Odd EPB Behavior

wes wes at the-wes.com
Mon Mar 3 17:14:05 UTC 2014


This is expected behavior.

HTTPS works by having a certificate with the name of the site you're
supposed to be accessing. The IP address is not the usual name of that
site, so it's not included in the list of valid names on the certificate.

This is the reason we can only have 1 secure site on a web server: in order
to have more, we have to have a single certificate with multiple names
valid on it. This is hard to do, though some solutions have been coming out
recently which make it easier.

-wes


On Mon, Mar 3, 2014 at 8:53 AM, AverageSecurityGuy <
stephen at averagesecurityguy.info> wrote:

> I'm sure that EPB does caching on its network but I've not seen anything
> like this before. If you go to http://66.18.36.99/ then you will get
> Google's home page. If you go to https://66.18.36.99/ then Firefox
> complains that the cert is only for *.google.com. Is this typical caching
> behavior or is EPB, MiTM Google?
>
> --
> Stephen Haywood
> Owner, ASG Consulting
> CISSP, OSCP
> 423.305.3700
> asgconsulting.co
>
>
>
>
> _______________________________________________
> Chugalug mailing list
> Chugalug at chugalug.org
> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://chugalug.org/pipermail/chugalug/attachments/20140303/8b59f9fe/attachment.html>


More information about the Chugalug mailing list