Thanks everyone for this very interesting discussion. On 2020-10-14 10:08, Hamish Moffatt wrote:
> Besides, there is a privacy advantage to IP address sharing anyway. With an > encrypted connection (HTTPS), when you connect to 23.236.62.147, your ISP > (and your government) doesn't know which of the 6,281,493 domains you are > looking at. Are you looking for a recipe for sourdough or for a bomb? Now there's a thought! There's a good article about attacks on web servers mounted by altering the HTTP "Host:" header at https://portswigger.net/web-security/host-header Such attacks seem to rely on server code which trusts the content of the Host: header in incoming packets, and HTTPS isn't any protection if a client is compromised. A quick google for problems associated with firewall NAT (masquerading) didn't turn up anything, despite the vast number of systems potentially on one IP address. A different problem would presumably arise if a system on a virtual-host requires asynchronous access to a client, but I guess it could be solved with proper use of certificates. David Lochrin _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
