zlacker

[return to "I read the federal government’s Zero-Trust Memo so you don’t have to"]
1. uncomp+ow[view] [source] 2022-01-27 17:33:44
>>EthanH+(OP)
> “Enterprise applications should be able to be used over the public internet.”

Isn’t exposing your internal domains and systems outside VPN-gated access a risk? My understanding is this means internaltool.faang.com should now be publicly accessible.

◧◩
2. mjg59+vo1[view] [source] 2022-01-27 21:12:45
>>uncomp+ow
$ host buganizer.corp.google.com

buganizer.corp.google.com is an alias for uberproxy.l.google.com.

uberproxy.l.google.com has address 142.250.141.129

uberproxy.l.google.com has IPv6 address 2607:f8b0:4023:c0b::81

Google's corp services are publicly accessible in that sense - but you're not getting through the proxy without valid credentials and (in most cases) device identity verification.

◧◩◪
3. joshua+s65[view] [source] 2022-01-28 22:03:14
>>mjg59+vo1
Not to mention login.corp.google.com (which has been on the frontpage of HN before!).
[go to top]