喜大普奔扫到的IP不再秒封

dongshige commented 7 years ago

非 sniproxy，同段还有多个ip可用

ghost commented 7 years ago

也许是重启，或是宕机。

e2889e commented 7 years ago

最好别用这个ip证书有问题,可能会被人窃听

$  curl https://www.baidu.com -H "Host: www.google.com" --resolve "www.baidu.com:443:185.53.93.199" --insecure --verbose  -A ''
* Added www.baidu.com:443:185.53.93.199 to DNS cache
* Rebuilt URL to: https://www.baidu.com/
* Hostname www.baidu.com was found in DNS cache
*   Trying 185.53.93.199...
* TCP_NODELAY set
* Connected to www.baidu.com (185.53.93.199) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=UK; ST=Hampshire; L=Farnborough; O=WirehiveLtd; CN=lb-letcre-002.servers.wirehive.net
*  start date: Apr 11 10:23:18 2017 GMT
*  expire date: Jan 25 10:23:18 2291 GMT
*  issuer: C=UK; ST=Hampshire; L=Farnborough; O=WirehiveLtd; CN=lb-letcre-002.servers.wirehive.net
*  SSL certificate verify result: self signed certificate (18), continuing anyway.
> GET / HTTP/1.1
> Host: www.google.com
> Accept: */*
> 
< HTTP/1.1 302 Found
< Cache-Control: private
< Content-Type: text/html; charset=UTF-8
< Referrer-Policy: no-referrer
< Location: http://www.google.co.uk/?gfe_rd=cr&dcr=0&ei=rmngWfvUE6bS8AfjyY3QAg
< Content-Length: 271
< Date: Fri, 13 Oct 2017 07:22:22 GMT
< Connection: close
< 
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.co.uk/?gfe_rd=cr&amp;dcr=0&amp;ei=rmngWfvUE6bS8AfjyY3QAg">here</A>.
</BODY></HTML>
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):

dongshige commented 7 years ago

@e2889e 看不太懂，求解释

我是利用ip在google.com搜索"my ip"，能正确返回本地ip即google官方服务器，可以信任使用

e2889e commented 7 years ago

就是这个ip是个中间人,能看到你和谷歌的通信内容

大致如下

你->(https,不是谷歌的证书)->185.53.93.199(能看到明文)->(https,谷歌的证书)->谷歌

dongshige commented 7 years ago

`

Server certificate:
subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*.google.com
start date: 2017-10-03 17:52:42 GMT
expire date: 2017-12-26 17:44:00 GMT
issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
SSL certificate verify ok. ` @e2889e 这是vps获取的，subject包含google才是正确证书吗

e2889e commented 7 years ago

满足这两个,应该就是了,

CN是google的域名.CN=*.google.com
证书验证通过.

dongshige commented 7 years ago

@e2889e 多谢解惑新技能get

skyalien commented 7 years ago

@dongshige 所以这个IP是安全的吗？

carotin commented 7 years ago

不是谷歌证书的ip不安全,慎用.

dongshige commented 7 years ago

@skyalien 用来做一些对安全要求不高的活动够用了，gmail之类的账户登录尽量避免

sundaqing1969 commented 7 years ago

楼主提供的ip可用，感谢!怎么找这种ip？望提供这种ip的低延迟的ip

rainbowsky911 commented 7 years ago

小白请问下找到的IP在XX-net中如何使用

dongshige commented 7 years ago

@sundaqing1969 扔vps上扫几天

https://hyxxsfwy.github.io/2016/06/18/%E6%90%9C%E9%9B%86%E5%8F%AF%E7%94%A8%E4%BA%8EXX-Net%E7%9A%84%E9%AB%98%E9%80%9FGGC-IP%E6%AE%B5/

sundaqing1969 commented 7 years ago

谢谢楼主

carotin commented 7 years ago

@rainbowsky911 添加到good_ip.txt里.

XX-net / XX-Net