?
Solved

BYPASSING DNS

Posted on 2013-11-25
2
Medium Priority
?
361 Views
Last Modified: 2013-11-26
We have company internal website.

I can get to my website like this:
https://InventoryDelux.dev.ibm.net/Pages/Default.aspx

But when I try to bypass DNS by directly typing in the ipaddress, I get error below.
Here is the link I am using:
https://10.194.221.83/Pages/Default.aspx
I also tried:
https://10.194.221.83:443/Pages/Default.aspx

Same problem (see error below)

Why is that, and how to bypass DNS and directly access the website.


ERROR:

  There is a problem with this website's security certificate.
 
   
 The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.  
  We recommend that you close this webpage and do not continue to this website.  
  Click here to close this webpage.  
  Continue to this website (not recommended).  
     More information


If you arrived at this page by clicking a link, check the website address in the address bar to be sure that it is the address you were expecting.
When going to a website with an address such as https://example.com, try adding the 'www' to the address, https://www.example.com.
If you choose to ignore this error and continue, do not enter private information into the website.

For more information, see "Certificate Errors" in Internet Explorer Help.
0
Comment
Question by:kamistry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Assisted Solution

by:COBOLdinosaur
COBOLdinosaur earned 1000 total points
ID: 39676280
It is using the https which is a secure protocol, and the security certificate is for the specific domain: https://InventoryDelux.dev.ibm.net/Pages/Default.aspx

It address: https://10.194.221.83:443/Pages/Default.aspx  using the ip it does not have a certificate and so that raises security violation flags.  There is no way the browser can relate the domain name to the ip because it dd not go through DNS to generate the target address.

C&
0
 
LVL 15

Accepted Solution

by:
Giovanni Heward earned 1000 total points
ID: 39676282
If the web server is hosting more than one site, its likely configured to reply based on the HTTP host header.  Your browser automatically derives this value from the requested URI and passes the value to the web server.  When your request is based on an IP address, the default web site is displayed.

If more than one site is being hosted, you'll need to either spoof the HTTP host header, or you need to modify your local %windir%\system32\drivers\etc\hosts file to resolve the host name to the IP address is question.  This would effectively bypass your DNS server(s) though unlikely achieve your desired result.

Regarding HTTPS and digital certificates, if you want the web server to respond (without error) to HTTPS requests based on the IP address, then you'll need have the certificate reissued to support multiple CNs, which include the IP address and relevant host names (e.g. 10.0.0.1, host, host.domain.local, host.example.com )

Please note this is not typical, as the general assumption is humans prefer domain names as opposed to IP addresses.  However, it's still possible to do.

Using IIS and SelfSSL7 as an example, you could accomplish this using the following command:

selfssl7 /n cn=localhost;cn=10.0.0.1;cn=host;cn=host.domain.local;cn=host.example.com /k 2096 /t /q /i

Open in new window


Of course this is a self-signed certificate, and would need to be trusted by any client viewing the website over HTTPS.

A TLS extension called Server Name Indication (SNI) allows a server to present multiple certificates on the same IP address and port number.
0

Featured Post

Setting up LaraDock for Laravel

Learn how to set up LaraDock in a Laravel project - LaraDock gives us an easy way to run a Laravel application using Docker in a single command.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
What You Need to Know when Searching for a Webhost Provider
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question