Linux HackFest Series: Evil /etc/hosts file
Alex Dean
alex at crackpot.org
Thu Dec 11 19:50:47 MST 2008
On Dec 10, 2008, at 12:27 PM, Lisa Kachold wrote:
> Trust is the basis for all security.
>
> The "evil" /etc/hosts file would look like this:
>
> # /etc/hosts
> 127.0.0.1 hostname localhost localhost.localdomain
>
> # end
>
> A good /etc/hosts file appears:
>
> # /etc/hosts
> 127.0.0.1 localhost localhost.localdomain
> 192.168.6.66 hostname
>
> # end
BTW, an /etc/hosts file like the first one will also mess up an Apache
SSL virtual host for hostname.
Given something like this:
<VirtualHost *:443>
ServerName hostname
</VirtualHost>
Apache will resolve 'hostname' to 127.0.0.1 when it starts up. When a
new SSL request comes in for 192.168.6.66, you've got breakage.
sudo httpd -t -D DUMP_VHOSTS
will let you see how Apache has parsed your virtual hosts, and you
would be able to see an SSL site reported as 127.0.0.1 in this
situation.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081211/aed67155/attachment.pgp
More information about the PLUG-discuss
mailing list