SNI Routing with DNS Lookup

SNI (Server Name Indication) is an extension of the TLS protocol that is used by the client to indicate the hostname it is attempting to connect to at the start of the SSL handshake.  In the case...
Published Jan 31, 2022
Version 1.0
security
sni
sslo
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Jan 21, 2023

Hi Peter,

your [catch "...do something..." addr] command allows double-substitution. Special crafted SNI records will be able to hijack or crash your LTM. You may test my observation by manually overwriting the value of ${s_sni} to "www.\[{log}ups!?!\].de". It should add a harmless log line to your log...

Cheers, Kai