I think IPv6 even has a short-hand for localhost as ::1. Are the security implications of using a different loopback address, or someone finding out your loopback address? I guess people are upset about the New York Times snooping their loopback address and I don't understand why NYT would do that, or why anyone would care.
What's the point of being able to change your loopback/localhost 127.0.0.1 address to something else?
849 Views Asked by GlenPeterson At
1
There are 1 best solutions below
Related Questions in LOCALHOST
- What's supposed to be the problem in this query?
- I cant access file directory with PHP local host on XAMPP. it just shows one of the files I have in my visual studio code
- Firebase authentication does not work on 127.0.0.1 but works on localhost
- Next.Js: localhost:3000 not working in browser
- Auto redirect 127.0.0.1:8000 to 127.0.0.1:8000/app/
- How can I connect my Android Studio apk to localhost for real Android devices?
- Localhost doesn't see my file; The requested URL was not found on this server
- Issue with Google Login Implementation using google-auth-library in Node.js
- Calling service with localhost or machine IP for internal calls?
- If a website is running on localhost, does Next.js have more performance than React.js?
- Mediapipe making python local server throw "[WinError 6] The handle is invalid"
- Filament Laravel Project
- localhost runs for a long time (react)
- React app using Vite has blank white screen when i open in localhost
- Persist Local AppEngine logs to Google App Engine Logger?
Related Questions in LOOPBACK-ADDRESS
- Is it possible to create a registry only on a specific loopback address in Java RMI?
- Cannot connect to LocalIP or Localhost (127.0.0.1) Using Arduino ESP8266 or Compatible Boards
- How does the VIP loopback aliase work?
- Why does the ip address 127.001 route to 127.0.0.1 and 127.011 route to 127.0.0.9?
- Loopback adapter still listen on 10.10.10.10 after uninstall
- Xamarin.Forms Android : access localhost (10.0.2.2) from WebView
- Android to PC TCP communication working only on Emulator
- Ratchet PHP: Bind to different port than 127.0.0.1:5555
- Is it technically possible that a packet sent to through the loopback device (127.0.0.1) get lost?
- php how to determine if ip is localhost?
- How to connect to my http://localhost web server from Android Emulator
- Using loopback interface for communicating between production application
- Cannot connect to localhost in windows store application
- Is there a way to replace 127.0.0.1 on my local machine for test purposes?
- How to disable loopback interface in Linux (Fedora)?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I don't believe there is any security implications in changing the loopback address. As long as you stay in the standard reserved subnet (127.0.0.0/8). Any IP datagram with a source or destination address set to a loopback address must not appear outside of a computing system, or be routed by any routing device. Packets received on an interface with a loopback destination address must be dropped. Such packets are sometimes referred to as Martian packets. As far as security, the loopback has almost no effect on security unless routing tables/loopback interfaces are changed to a different ip address. Take a look at these two articles. https://security.stackexchange.com/questions/6395/can-the-loopback-interface-be-hijacked
https://serverfault.com/questions/300776/if-i-send-data-to-my-computer-using-its-public-hostname-does-it-actually-go-ove?newsletter=1&nlcode=9544%7Cbded
As far as the NY Times article, I read that the security engineer responsible for that code found that a massive number of machines were getting broken into to commit ad fraud. White Ops ran a study last year (http://whiteops.com/botfraud) and found 2/3 of fraud was coming from home users. The code is looking for various patterns in the bots themselves. Look at the comment of that article for more reference.