[Chugalug] Odd EPB Behavior

AverageSecurityGuy stephen at averagesecurityguy.info
Mon Mar 3 17:30:17 UTC 2014


I think you guys are missing my point. If I go to http://66.18.36.99 I get Google’s home page. 66.18.36.99 is an EPB address. Typically a caching server serves many URLs. I’ve not seen a caching server dedicated to one URL before.

--
Stephen Haywood
Owner, ASG Consulting
CISSP, OSCP
423.305.3700
asgconsulting.co



On Mar 3, 2014, at 12:14 PM, wes <wes at the-wes.com> wrote:

> This is expected behavior.
> 
> HTTPS works by having a certificate with the name of the site you're supposed to be accessing. The IP address is not the usual name of that site, so it's not included in the list of valid names on the certificate.
> 
> This is the reason we can only have 1 secure site on a web server: in order to have more, we have to have a single certificate with multiple names valid on it. This is hard to do, though some solutions have been coming out recently which make it easier.
> 
> -wes
> 
> 
> On Mon, Mar 3, 2014 at 8:53 AM, AverageSecurityGuy <stephen at averagesecurityguy.info> wrote:
> I’m sure that EPB does caching on its network but I’ve not seen anything like this before. If you go to http://66.18.36.99/ then you will get Google’s home page. If you go to https://66.18.36.99/ then Firefox complains that the cert is only for *.google.com. Is this typical caching behavior or is EPB MiTMing Google?
> 
> --
> Stephen Haywood
> Owner, ASG Consulting
> CISSP, OSCP
> 423.305.3700
> asgconsulting.co
> 
> _______________________________________________
> Chugalug mailing list
> Chugalug at chugalug.org
> http://chugalug.org/cgi-bin/mailman/listinfo/chugalug
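
The name check discussed in this thread, as an added example that is not part of the original messages: a simplified RFC 6125-style comparison of the name in the URL against a certificate's subjectAltName entries, showing why an IP literal fails against a `*.google.com` certificate. The SAN lists are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

def _as_ip(value):
    """Return an ip_address object, or None if value is not an IP literal."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None

def _dns_match(pattern, host):
    """Compare a dNSName entry to a hostname; '*' may only be the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard covers exactly one label, never zero or several
    if p[0] == "*":
        # require at least two fixed labels after the wildcard (no "*.com")
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def cert_matches(reference, san_entries):
    """san_entries is a list of (kind, value) pairs, kind being 'DNS' or 'IP'."""
    ref_ip = _as_ip(reference)
    for kind, value in san_entries:
        if ref_ip is not None:
            # An IP literal in the URL is compared only to iPAddress entries,
            # never to dNSName entries, wildcard or not.
            if kind == "IP" and _as_ip(value) == ref_ip:
                return True
        elif kind == "DNS" and _dns_match(value, reference):
            return True
    return False

# Constructed SAN lists (assumptions for illustration, not taken from a real certificate)
WILDCARD_ONLY = [("DNS", "*.google.com")]
WITH_IP_ENTRY = WILDCARD_ONLY + [("IP", "66.18.36.99")]

if __name__ == "__main__":
    for name in ("www.google.com", "google.com", "a.b.google.com", "66.18.36.99"):
        print(f"{name:18} wildcard-only={cert_matches(name, WILDCARD_ONLY)} "
              f"with-ip-entry={cert_matches(name, WITH_IP_ENTRY)}")
```

A mismatch on the IP literal therefore only says the certificate carries no entry for that address; it does not by itself distinguish a cache from an interception.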
