how can you verify that the site you get is not a fake?
Paul Howarth
paul at city-fan.org
Mon Jun 6 07:08:06 UTC 2005
On Sun, 2005-06-05 at 23:31 +0200, Andy Pieters wrote:
> Hi Bruce
>
> I will answer your question with an example
>
> Let's say you want the site www.google.com
>
> open a terminal window
>
> type
> host www.google.com
>
> www.google.com is an alias for www.l.google.com.
> www.l.google.com has address 66.102.9.147
> www.l.google.com has address 66.102.9.104
> www.l.google.com has address 66.102.9.99
> www.google.com is an alias for www.l.google.com.
> www.google.com is an alias for www.l.google.com.
>
> The result shows you that google has multiple ip addresses. That's ok you can
> use any one you like.
>
> Take an ip address from the list and type it in your browser
>
> This makes it pretty sure that you have the right page.
>
> Caveat: it is possible to spoof this also if someone is able to access your
> dns settings, or to the dns of your provider. (in general your provider is
> very wel protected against this)
This technique won't work for a very large number of sites that are
hosted at commercial web-hosting companies, where multiple sites are
hosted at the same IP address. These sites rely on the browser passing
them a HTTP/1.1 "Host:" header to tell them which site to access, and if
you use an IP address in the browser, the browser itself doesn't know
what to send in the "Host" header.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the fedora-list
mailing list