[clug] April 2018 CLUG Meeting
Eyal Lebedinsky
eyal at eyal.emu.id.au
Fri Apr 27 06:00:39 UTC 2018
On 27/04/18 15:45, Keith Goggin via linux wrote:
> Thanks to Geoff Huson for his excellent 'Web Security Primer' last night.
>
> I know 'an' IP address of my bank and if every thing I needed was at that address I'm guessing I'd be safe.
IPs change and as such unsafe to use.
> But I know that the bank itself redirects me to a separate login page and if that and all subsequent redirections were by IP address would I not be safe?
The redirect may very well be to a URI rather than an IP.
I looked up anz
anz.com.au has address 202.2.59.40
Browsing to http://202.2.59.40 redirects to https://www.anz.com.au/personal/
However...
Browsing to https://202.2.59.40 says
Your connection is not secure
202.2.56.40 uses an invalid security certificate.
The certificate is only valid for the following names:
anz.com.au, www.anz.com.au, www.anz.com, anz.com
Error code: SSL_ERROR_BAD_CERT_DOMAIN
Which is expected.
--
Eyal at Home (eyal at eyal.emu.id.au)
More information about the linux
mailing list