Re: Debian 11, Chrome and .asp pages

[gene heskett <gheskett@shentel.net>]

On 8/28/22 09:47, Greg Wooledge wrote:
> On Sun, Aug 28, 2022 at 09:13:43AM -0400, gene heskett wrote:
> > On 8/28/22 08:27, Greg Wooledge wrote:
> > > We would need to know THE ACTUAL URL the OP is trying to use, and THE
> > > ACTUAL SYMPTOMS they are seeing.  That would be a minimal starting
> > > point for trying to diagnose the situation.
> > >
> > > Other supporting information would be things like "I tried in the
> > > following web browsers _____, and this is what happened _____."  Or,
> > > "I also tried from a Windows PC on the same internal network, using
> > > the ______ web browser, and this is what happened _______."
> > >
> > > Or, "My /etc/resolv.conf which is generated by the router's DHCP contains
> > > this __________."  Or even, "My /etc/resolv.conf which is NOT generated
> > > by DHCP, but instead is maintained by me, contains ________."
> > >
> > > You know, a sensible sharing of information.
> > A quite reasonable request, however I'd sanitize any numerical addresses in
> > such
> > info before publishing it...
> WHY?
>
> What POSSIBLE reason is there to hide the internal IPv4 network address
> that you're using?
>
> Here's my /etc/resolv.conf WITHOUT HIDING ADDRESSES, because hiding that
> information would be UTTERLY POINTLESS:
On that point I'll disagree, I don't use 127.anything here except for 
localhost. My real
addresses are someplace in the 192.168,xx.yy range, which is 65,535 
addresses wide.
Let the black hats guess where if they can figure out how to get past 
that 192.168 block.

But your challenge did point out that I had forgotten to chattr -i my 
resolv.conf. So I added
a "search $my.domain" above the nameserver address which is the address 
of my router. If my router
can't answer, the query gets fwd'd to my ISP's nameserver.

And I did note that an address I had in my /etc/hosts file because its 
been dns black holed
by court order managed to get wiped at one or more points in my 20+ 
attempts to install
bullseye, (however I found and recovered it from another machine on my 
local net) brought
on by the installer assuming you are blind if it finds a usb<->serial
convertor plugged in.  And my system normally has 2 of those plugged in. 
Did you ever
try to run a computer when the speakers are yelling every keystroke at 
you? Most annoying.
> unicorn:~$ cat /etc/resolv.conf
> search wooledge.org
> nameserver 127.0.0.1
> nameserver 10.0.0.1
> nameserver 8.8.8.8
>
>
> 127.0.0.1 is of course loopback, so the first nameserver that's used is
> my locally running caching resolver.
>
> 10.0.0.1 is the router's internal IP address (on ethernet), so the second
> nameserver used is the router's mostly-forwarding builtin resolver.
>
> The last-resort nameserver is Google's 8.8.8.8.
>
> Why would you think that ANY of these addresses should be hidden?
Those addresses are public of course, but the internal address of 
anything here
on my property is absolutely none of the rest of this planets business.

The difference is /I/ control it. And it will stay that way.
>    The
> only results of hiding this information would be to make your email take
> longer to write, and to make your problem harder to solve.
>
> .


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/>