I think IPv6 even has a short-hand for localhost as ::1. Are the security implications of using a different loopback address, or someone finding out your loopback address? I guess people are upset about the New York Times snooping their loopback address and I don't understand why NYT would do that, or why anyone would care.
What's the point of being able to change your loopback/localhost 127.0.0.1 address to something else?
847 Views Asked by GlenPeterson At
1
There are 1 best solutions below
Related Questions in LOCALHOST
- auDIO_OUTPUT_FLAG_FAST denied by client can't connect to localhost
- Connect to localhost:3000 from another computer | expressjs, nodejs
- How do you run a javascript outside of the localhost directory with requirejs?
- error in python mysql where clause
- To connect to Remote Desktop connection via local system
- Joomla password reset not working
- multiple submit button in python
- Angular's $cookies only work on 'localhost'
- Why can't I connect to a local server using phantomjs / casperjs
- Connecting to localhost:8080 using Google Chrome
- Fetching data from local mysql using angular not working
- Vagrant localhost issue
- YouTube IFrame API - Untrusted Origin: Null
- R rvest connect with local host
- Unable to connect to localhost Apache Ubuntu
Related Questions in LOOPBACK-ADDRESS
- Is it possible to create a registry only on a specific loopback address in Java RMI?
- Cannot connect to LocalIP or Localhost (127.0.0.1) Using Arduino ESP8266 or Compatible Boards
- How does the VIP loopback aliase work?
- Why does the ip address 127.001 route to 127.0.0.1 and 127.011 route to 127.0.0.9?
- Loopback adapter still listen on 10.10.10.10 after uninstall
- Xamarin.Forms Android : access localhost (10.0.2.2) from WebView
- Android to PC TCP communication working only on Emulator
- Ratchet PHP: Bind to different port than 127.0.0.1:5555
- Is it technically possible that a packet sent to through the loopback device (127.0.0.1) get lost?
- php how to determine if ip is localhost?
- How to connect to my http://localhost web server from Android Emulator
- Using loopback interface for communicating between production application
- Cannot connect to localhost in windows store application
- Is there a way to replace 127.0.0.1 on my local machine for test purposes?
- How to disable loopback interface in Linux (Fedora)?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I don't believe there is any security implications in changing the loopback address. As long as you stay in the standard reserved subnet (127.0.0.0/8). Any IP datagram with a source or destination address set to a loopback address must not appear outside of a computing system, or be routed by any routing device. Packets received on an interface with a loopback destination address must be dropped. Such packets are sometimes referred to as Martian packets. As far as security, the loopback has almost no effect on security unless routing tables/loopback interfaces are changed to a different ip address. Take a look at these two articles. https://security.stackexchange.com/questions/6395/can-the-loopback-interface-be-hijacked
https://serverfault.com/questions/300776/if-i-send-data-to-my-computer-using-its-public-hostname-does-it-actually-go-ove?newsletter=1&nlcode=9544%7Cbded
As far as the NY Times article, I read that the security engineer responsible for that code found that a massive number of machines were getting broken into to commit ad fraud. White Ops ran a study last year (http://whiteops.com/botfraud) and found 2/3 of fraud was coming from home users. The code is looking for various patterns in the bots themselves. Look at the comment of that article for more reference.