http://nakedsecurity.sophos.com/2013/12/09/serious-security-google-finds-fake-but-trusted-ssl-certificates-for-its-domains-made-in-france/
__________________________________ Samuel Riesz ________________________________ De: [email protected] [[email protected]] em nome de Liam Randall [[email protected]] Enviado: terça-feira, 10 de dezembro de 2013 12:42 Para: PaulDotCom Security Weekly Mailing List Assunto: Re: [Pauldotcom] New IP addresses range for google? http://www.reddit.com/r/AskNetsec/comments/1s9nd5/googlecom_dns_hijack_or_something_else/ Liam On Mon, Dec 9, 2013 at 9:03 PM, Bacon Zombie <[email protected]<mailto:[email protected]>> wrote: " Late on December 3rd, we became aware of unauthorized digital certificates for several Google domains. We investigated immediately and found the certificate was issued by an intermediate certificate authority (CA) linking back to ANSSI, a French certificate authority. Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate." http://googleonlinesecurity.blogspot.ro/2013/12/further-improving-digital-certificate.html?m=1 On 10 Dec 2013 01:59, "Bacon Zombie" <[email protected]<mailto:[email protected]>> wrote: Looks like a French based CA has generate a "fake" Google Cert which they have just found out about. On 10 Dec 2013 01:47, "Jim Halfpenny" <[email protected]<mailto:[email protected]>> wrote: The SSL certificate looks legit. It's a wildcard for a whole load of Google services and I've seen this before on some kind of Google CDN or content accelerator. Makes me wonder what one of those certs is worth on the black market.... Jim On 7 December 2013 14:18, chilli34 . <[email protected]<mailto:[email protected]>> wrote: Has anybody heard of Google spinning up some new IP address ranges in Mexico? We currently are having issues resolving requests for google.com<http://google.com> and our ISP Is sending us to some 201.130.208.45 addresses which have the Google front page but the subnet range isn't owned by google.com<http://google.com>. Hoping somebody out there might have some info on this, anything you can provide would be great! Thanks, p.s. here is a full list of IP's that we are hitting. 201.130.208.45 201.130.208.49 201.130.208.53 201.130.208.57 201.130.208.59 201.130.208.15 201.130.208.19 201.130.208.23 201.130.208.27 201.130.208.29 201.130.208.30 201.130.208.34 201.130.208.38 201.130.208.42 201.130.208.44 Brian _______________________________________________ Pauldotcom mailing list [email protected]<mailto:[email protected]> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected]<mailto:[email protected]> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected]<mailto:[email protected]> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com -- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo. -- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo.
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
