Origin server protection notification
Abstract
An origin server has been registered, or is in the process of being registered, for a proxied service that includes changing Domain Name System (DNS) configurations such that certain network traffic is proxied at a proxy server instead of that traffic being received directly at the origin server. The service checks the configuration and determines if there is any flaw in the configuration that may cause information about the origin server (e.g., the IP address of the origin server) to be leaked. Upon finding a flaw in the configuration, the service may notify the origin server and/or the operator of the origin server that the information may be leaked.
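The configuration check described in the abstract can be sketched as follows. This is an added example, not code from the patent or from any service. The record model, the choice of MX and SRV as the referencing record types, and all names and addresses are assumptions made for illustration.

```python
from typing import NamedTuple, Optional

class Record(NamedTuple):
    name: str
    rtype: str
    value: str

# Constructed sample data (documentation address ranges); not from the patent.
PROXY_IPS = {"198.51.100.1", "198.51.100.2"}
ZONE = [
    Record("example.com", "A", "198.51.100.1"),       # points to the proxy
    Record("www.example.com", "A", "198.51.100.2"),   # points to the proxy
    Record("mail.example.com", "A", "203.0.113.7"),   # not pointed to the proxy
    Record("example.com", "MX", "10 example.com."),
    Record("example.com", "MX", "20 mail.example.com."),
    Record("_sip._tcp.example.com", "SRV", "0 5 5060 www.example.com."),
]

def norm(host: str) -> str:
    """Compare hostnames case-insensitively and without the trailing dot."""
    return host.rstrip(".").lower()

def target_of(rec: Record) -> Optional[str]:
    """Hostname that an MX or SRV record references, else None."""
    fields = rec.value.split()
    if rec.rtype == "MX" and len(fields) == 2:
        return norm(fields[1])
    if rec.rtype == "SRV" and len(fields) == 4:
        return norm(fields[3])
    return None

def find_exposures(zone, proxy_ips):
    """Return (record, target) pairs where a record that is not pointed
    to the proxy references a name whose address record is."""
    proxied = {norm(r.name) for r in zone
               if r.rtype in ("A", "AAAA") and r.value in proxy_ips}
    hits = []
    for rec in zone:
        tgt = target_of(rec)
        if tgt is not None and tgt in proxied:
            hits.append((rec, tgt))
    return hits

def notifications(zone, proxy_ips):
    """Build the operator-facing messages for each finding."""
    return [f"{r.rtype} record '{r.name}' references '{t}', which points to the "
            "proxy; the origin server's IP address may be exposed"
            for r, t in find_exposures(zone, proxy_ips)]

if __name__ == "__main__":
    print("\n".join(notifications(ZONE, PROXY_IPS)))
```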
21 Claims
1. A method in a service server, comprising:
- analyzing Domain Name System (DNS) records of a single site, wherein at least one DNS record points to a first IP address of a proxy server of a service;
determining that at least one of the DNS records of the single site that is not pointed to a second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service; and
responsive to the determining, displaying a notification that the at least one of the DNS records of the single site that is not pointed to the second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service thereby exposing a third IP address of an origin server of the single site.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer-readable medium storing instructions, which when executed by a set of one or more processors, cause the set of processors to perform operations comprising:
- analyzing Domain Name System (DNS) records of a single site, wherein at least one DNS record points to a first IP address of a proxy server of a service;
determining that at least one of the DNS records of the single site that is not pointed to a second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service; and
responsive to the determining, displaying a notification that the at least one of the DNS records of the single site that is not pointed to the second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service thereby exposing a third IP address of an origin server of the single site.
Dependent claims: 9, 10, 11, 12, 13, 14
15. An apparatus, comprising:
- a set of one or more processors;
a set of one or more non-transitory computer-readable mediums that store instructions, that when executed by the set of processors, cause the set of processors to perform the following;
analyze Domain Name System (DNS) records of a single site, wherein at least one DNS record points to a first IP address of a proxy server of a service;
determine that at least one of the DNS records of the single site that is not pointed to a second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service; and
responsive to the determination, display a notification that the at least one of the DNS records of the single site that is not pointed to the second IP address of the proxy server of the service is referencing the at least one DNS record that points to the first IP address of the proxy server of the service thereby exposing a third IP address of an origin server of the single site.
Dependent claims: 16, 17, 18, 19, 20, 21
Specification