Re: Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?

• Previous message (by thread): Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?
• Next message (by thread): Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Monday, 23 August, 2021 10:19, "Karl Auer" <kauer at biplane.com.au> said:

> You could block inappropriate inbound requests, but not knowing what is
> on the web servers makes that an infinite set of possibilities. So you
> would really have to permit only appropriate inbound requests. On
> anything but a trivial server the set of appropriate inbound requests
> could be very, very large. Not to mention that rewrite rules and
> suchlike could be blurring the difference between appropriate and
> inappropriate on a web server where the configuration is possibly in
> the hands of the bad guys.

That's a good point - I was thinking solely in terms of the DNS-based / simple vhost stuff, where a client is requesting 'Host: www.badguys.com' from an IP address that "should" only be serving www.mystuff.com.

www.mystuff.com/secret/content/here/badguys.com/ is the obvious and trivial workaround, I'm sure there are much more sophisticated ways to do it.

But we may both be talking about the wrong thing until Pirawat confirms :)

Regards,
Tim.

• Previous message (by thread): Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?
• Next message (by thread): Newbie Questions: How-to monitor/control unauthorized uses of our IPs and DNS zones?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]