https - hopefully not too stupid a question
tony.naggs at googlemail.com
Sun Jun 17 17:19:06 BST 2012
On 17 June 2012 16:53, Roland Perry <lists at internetpolicyagency.com> wrote:
> Hmm, if I try to access:
> (Where 18.104.22.168 is what my DNS translates www.update.microsoft.cominto)
> I get:
> This is probably not the site you are looking for!
> You attempted to reach 22.214.171.124, but instead you actually reached a
> server identifying itself as www.update.microsoft.com. This may be
> caused by a misconfiguration on the server or by something more
> serious. An attacker on your network could be trying to get you to
> visit a fake (and potentially harmful) version of 126.96.36.199.
> Is this my browser (Chrome) not getting its act together, or is there an
> infelicity in one of the protocols?
The browser message is being slightly misleading - it has simply found that
the text of the website you typed "188.8.131.52" differs the name on the
certificate the web server sent it "www.update.microsoft.com".
The web browser does not make a connection between the 2, as the
translation of the text "184.108.40.206" directly to an IP address & bypassing
the name (DNS) lookup is done at a lower layer in the communications stack.
An alternative way to avoid making the DNS lookups across the Internet is
to keep the name lookup local to your PC by directly adding it the Windows
or Unix hosts file with a line something like this:
Of course doing this would isolate you from knowing about any move
Microsoft may make of the service to another server. Wikipedia have a nice
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ukcrypto