The same convention is defined for computers that support IPv6 addressing using the connotation of ::1. The address is used to establish an IP connection to the same machine or computer being used by the end-user. If a host has two IP addresses, 192.168.1.1 and 10.1.2.1, and a server running on the host listens on 0.0.0.0, it will be reachable at both of those IPs.ġ27.0.0.1 is the loopback Internet protocol (IP) address also referred to as the localhost. In the context of servers, 0.0.0.0 means all IPv4 addresses on the local machine. In the context of a route entry, it usually means the default route. 0.0.0.0 is a non-routable meta-address used to designate an invalid, unknown, or non-applicable target (a ‘no particular address’ place holder).127.0.0.1 is the loopback address (also known as localhost).SuperUser contributor DavidPostill has the answer for us: What is the difference between 127.0.0.1 and 0.0.0.0? The Answer So, what is the difference between 127.0.0.1 and 0.0.0.0? I understand that 127.0.0.1 points to localhost and that 0.0.0.0 also does as well (correct me if I am wrong). But if the priority was changed, this is exploitable using the DNS or NIS servers.SuperUser reader Sagnik Sarkar wants to know what the difference between 127.0.0.1 and 0.0.0.0 is: In the standard configuration the host file has precedence over NIS and DNS, which requires local root access and makes this kind of attack pointless. This password might be reused elsewhere or the server may accepting connections from other interfaces because it is password protected anyway. Whether this is an issue or not depends on the situation: The client may send a password without validating the server by either not using ssl or trusting any certificate (There are testing-certificates for localhost out there that are signed by trusted CAs). Pointing "localhost" to another ip-addressĮditing /etc/hosts as root so that it points localhost to another ip-address works: ping localhost So this is something that needs to be look at in more detail by analyzing the source code. Ping 127.0.0.1, however, fails with an Illegal Argument error: $ ping 127.0.0.2 # ifconfig eth0 127.0.0.2 netmask 255.0.0.0Īnd results in: lo Link encap:Lokale SchleifeĮth0 Link encap:Ethernet Hardware Adresse On Debian it works as root to assign 127.0.0.1/8 to the network interface: # ifconfig lo 10.0.0.1 netmask 255.0.0.0 Assigning 127.0.0.1/8 to the network interface There are lots of speculations, let's try it. This made me tick and come and ask this weird question. and how firewalls are configured to block weird traffic in but not so much for traffic out. Think in how many web server do have their databases in there and send "internal" requests for connection with data. So, simplifying and making it an actual question: is there any way, remotely as it could be, to hijack routing tables/loopback interfaces/whatever it takes to make a machine send it's traffic out when those communications are supposed to be internal? This means, even names like "localhost" or IPs like 127.0.0.1 does not work for this source device, but it rather has to send everything to another device to send the information its "destination" device (which, we know, it's that same server). Let's assume that for some reason we could make the traffic sent from a specific application to another to travel to a router/routing device because the source device cannot determine on its own where does it have to send the packet. Inspired by this question I came up with this weird idea of making what that user actually wants to prevent.
0 Comments
Leave a Reply. |