cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Security risks with curl and DynDNS?

From: Ignacio Vazquez-Abrams <ivazquez_at_ivazquez.net>
Date: Sat, 08 Oct 2005 00:08:46 -0400

On Sat, 2005-10-08 at 01:23 +0000, Blenda wrote:
> Loopia is a Swedish ISP that provides services for Dynamic DNS with the DynDNS
> protocol.
>
> They recommand curl for updating the IP to the DynDNS server in Unix, like this:
> curl -s --user 'username:password'
> "https://dns.loopia.se/XDynDNSServer/
> XDynDNS.php?hostname=domainnamne&myip=ipadress"
>
> I wonder if there are any security risks with this procedure? For example, could
> someone see which URL:s I'm accessing and then get hold of my Loopia password?

The SSL connection is established, and only then is the HTTP request
done. So you're as protected as cURL's implementation of SSL is strong.

-- 
Ignacio Vazquez-Abrams <ivazquez_at_ivazquez.net>
http://fedora.ivazquez.net/
gpg --keyserver hkp://subkeys.pgp.net --recv-key 38028b72

application/pgp-signature attachment: This is a digitally signed message part

Received on 2005-10-08

This message: [ Message body ]
Next message: Blenda: "Re: Security risks with curl and DynDNS?"
Previous message: Blenda: "Security risks with curl and DynDNS?"
In reply to: Blenda: "Security risks with curl and DynDNS?"
Next in thread: Blenda: "Re: Security risks with curl and DynDNS?"
Reply: Blenda: "Re: Security risks with curl and DynDNS?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]