[LINK] Google-Cloud IP addressing
David Lochrin
dlochrin at aussiebb.com.au
Wed Oct 14 14:29:57 AEDT 2020
Thanks everyone for this very interesting discussion.
On 2020-10-14 10:08, Hamish Moffatt wrote:
> Besides, there is a privacy advantage to IP address sharing anyway. With an encrypted connection (HTTPS), when you connect to 23.236.62.147, your ISP (and your government) doesn't know which of the 6,281,493 domains you are looking at. Are you looking for a recipe for sourdough or for a bomb?
Now there's a thought!
There's a good article about attacks on web servers mounted by altering the HTTP "Host:" header at https://portswigger.net/web-security/host-header Such attacks seem to rely on server code which trusts the content of the Host: header in incoming packets, and HTTPS isn't any protection if a client is compromised.
A quick google for problems associated with firewall NAT (masquerading) didn't turn up anything, despite the vast number of systems potentially on one IP address. A different problem would presumably arise if a system on a virtual-host requires asynchronous access to a client, but I guess it could be solved with proper use of certificates.
David Lochrin
More information about the Link
mailing list