127.0.0.1 vs. localhost ... which is better?
Written by Dennis Reinhardt   
Sunday, 18 January 2009 11:46
I find it convenient to write user interfaces (UI) using a web browser or HTA to call my custom server.  If the UI is sharable across the internet, the web browser needs to connect to the public IP address of the server.  Where the UI is NOT sharable, the IP specification reserves the loopback address 127.0.0.1 (in fact the whole 127.0.0.0/8 block, so any value 0-255 in the last octet will do as well as 1).  IP address 127.0.0.1 is not routable or broadcast outside the local machine.  No remote hacker can connect to a server at 127.0.0.1 on your machine.

All IP addresses are numeric and the DNS system provides name to number translation. There is a local name to number translation which is applied first.  That standard translation is in the HOSTS file.  On Windows XP, the HOSTS file is located at c:\windows\system32\drivers\etc\hosts and contains the following non-comment entry:

    127.0.0.1     localhost

Thus, the name "localhost" can be used as an alias for 127.0.0.1.  The specification of this association is via the HOSTS file.

Realize that hackers can attack your HOSTS file.  If it were changed to

    127.0.0.1     localhost
    20.20.20.20   google.com

then whenever your machine tried to connect to google.com, it would be redirected to 20.20.20.20 or whatever IP address was put in.  Clearly, the security of your external accesses is dependent on the integrity of the HOSTS file.  ... and so is the security of your localhost connection, because a HOSTS file hacked to contain

    30.30.30.30     localhost

would access the external IP 30.30.30.30 for localhost and not your local machine.

In the normal case, 127.0.0.1 and localhost are equivalent ways of expressing the same local-only connection. However, 127.0.0.1 needs no name lookup and always means the local machine, whereas localhost is resolved through the HOSTS file and can be redirected if that file is hacked.
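As an added example (not code from the original post), the following Python script parses a HOSTS file in the format shown above and flags both kinds of tampering the post describes: localhost mapped to an address outside the loopback range, and a public name such as google.com pinned to an arbitrary address. The sample file content is constructed here to mirror the hacked entries in the post; the default file path is the Windows XP location given above.

```python
import ipaddress

# Constructed sample HOSTS content, mirroring the hacked entries described in the post.
SAMPLE_HOSTS = """\
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
127.0.0.1     localhost
20.20.20.20   google.com       # hijack: public name pinned to an attacker-chosen IP
30.30.30.30   localhost        # hijack: loopback name sent to an external machine
"""

WINDOWS_HOSTS_PATH = r"c:\windows\system32\drivers\etc\hosts"


def parse_hosts(text):
    """Return (ip, hostname) pairs from HOSTS text, ignoring comments and blank lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]  # one address may carry several names
        for name in names:
            entries.append((ip, name.lower()))
    return entries


def audit_hosts(text):
    """Return (severity, ip, name, reason) findings for suspicious HOSTS entries.

    high   : localhost (or an unparseable address) that does not resolve to loopback
    medium : any other name pinned to a non-loopback address, which overrides DNS
    """
    findings = []
    for ip, name in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append(("high", ip, name, "unparseable address"))
            continue
        if name == "localhost":
            if not addr.is_loopback:  # 127.0.0.0/8 and ::1 are the only legitimate targets
                findings.append(("high", ip, name, "localhost points off the local machine"))
        elif not addr.is_loopback:
            findings.append(("medium", ip, name, "public name pinned by HOSTS file"))
    return findings


def audit_file(path=WINDOWS_HOSTS_PATH):
    """Audit the HOSTS file on disk (path from the post; adjust for other systems)."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return audit_hosts(fh.read())
```

Run `audit_file()` on a live machine to list the findings; an empty list means every entry maps localhost to loopback and no public name is pinned.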

Windows XP treats both 127.0.0.1 and localhost as being in the local security zone, and no distinction is made between them.  In terms of user convenience, the two are the same.

Windows Server 2003 treats only localhost as being in the local security zone.  Localhost is convenient to use and 127.0.0.1 is less so. Huh?  By default, the hackable name is in the local zone and the secure IP address is not ... ?   This is exactly backwards.  A server product should default to secure settings, not less secure ones.

I ran into this on Windows Server 2003 with my DialogDevil product.  DialogDevil serves pages on 127.0.0.1 for the security benefit just described.  And yet, 127.0.0.1 was being blocked by default and localhost allowed on Server 2003.  I have spent many hours wondering whether I should revise DialogDevil so that it uses localhost.  Localhost is more convenient because no local security zone entry needs to be made but leaves DialogDevil  open to an unnecessary risk of hacking.   

For the record, 127.0.0.1 can be added to the Internet Explorer local security zone via the following path

    open IE
    click Tools menu
    click Internet Options
    select Security tab
    select Local intranet zone
    add http://127.0.0.1:port_number

where port_number is the port number required.
Comments (3)

Closed
written by Dennis, January 03, 2010
Comments on this article no longer accepted

written by Darshan Shroff, April 18, 2010
Nice article.. Very informative..

written by online casino, July 29, 2010
very nice!
Last Updated on Saturday, 07 February 2009 10:57
Copyright © 2010 TextToolKit. All Rights Reserved.