|
-
February 16th, 2005, 02:27 PM
#3
Ok.... Now, correct me if I am wrong.....
I just ran the following test in Firefox....
I requested the following url with Ethereal running:-
http://[email protected]
The DNS request was for www.antionline.com and the redirection was about to work but Firefox popped up and told me that this was suspicious and that I might be being redirected. If I said "Yes" it took me to AO but popped up another message telling me I'm trying to log into AO with the username www.yahoo.com and the site doesn't require auth.......
Ok, that aside.... Since it's the browser that's being conned into the redirection how would the certificate be of use? The certificate, in this case, would be for www.yahoo.com but the browser is going to www.antionline.com so, as far as the browser is concerned, the certificate would be irrelevant.
Or am I missing something?
Don\'t SYN us.... We\'ll SYN you..... 
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote