[Chugalug] Odd EPB Behavior

Mike Harrison cluon at geeklabs.com
Wed Mar 5 00:31:31 UTC 2014


On Mar 3, 2014, at 12:30 PM, AverageSecurityGuy <stephen at averagesecurityguy.info> wrote:

> I think you guys are missing my point. If I go to http://66.18.36.99 I get Google’s home page 66.18.36.99 is an EPB address. Typically a caching server serves many URLs. I’ve not seen a caching server dedicated to one URL before.


The SSL Certificate appears to be a valid Google Cert signed by GeoTrust as is the server I get when I see: https://www.google.com via ComCast
at 173.194.37.20


Theories:

EPB runs a local google server, saves lots of bandwidth, they possibly share some ad revenue ? 

or 

EPB runs a fake local google server, so they can easily snarf your credentials or monitor your google use beyond what they can do otherwise. 

Have you tried asking anyone clueful at EPB about it?  

I cc’d Shane Sexton just in case he still monitors that email address. 







-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 671 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://chugalug.org/pipermail/chugalug/attachments/20140304/b9f71725/attachment.pgp>


More information about the Chugalug mailing list