top | item 46897084

(no title)

ashu1461 | 25 days ago

Isn't the article over emphasising a little bit on leakage of internal urls ?

Internal hostnames leaking is real, but in practice it’s just one tiny slice of a much larger problem: names and metadata leak everywhere - logs, traces, code, monitoring tools etc etc.

discuss

reddalo|25 days ago

In other words: never put sensitive information in names and metadata.

dmichulke|25 days ago

Or name them after little bobby tables.

Is there some sort of injection that's a legal host name?

icedchai|24 days ago

Is it a real problem? My internal hostnames resolve to RFC-1918 addresses and I have a firewall. If I wasn't so lazy, I'd use split DNS.