AWS Load Balancer #137
Comments
|
So this means that elb cannot be taken over |
|
I had a good theory, created a engine to do it, invested a good time in that, lost 700$ in AWS costs with multiple accounts. Good luck. |
as I tought, elb can't been taken over. ec2 ip address on the other hand tho seem more interesting |
Probably, never tried. |
It was fixed recently. You will only get a set of 4 to 5 IPs when you associate and release the IPs. Before you could iterate until receiving the wanted IP. |
|
I went down the ec2 IP route a year or two back. I created a script that went through all their IP ranges in about 2 weeks. I found that it eventually it started giving me the same IPs again without giving me any that were available for possible takeover. I guess they have some long lease time on them preventing takeover. |
EdOverflow
added
the
not vulnerable
Service name
AWS Load Balancer
looks like "region.elb.amazonaws.com" or "elb.region.amazonaws.com"
Proof
The URLs produced when you create a load balancer contain a number which you can't control, like <vw3-production-622849735.us-east-1.elb.amazonaws.com>. Since Amazon assigns that number, you cannot claim an expired domain even if you can claim the "name" (in this case "vw3-production").
Documentation
Configure a Custom Domain Name for Your Classic Load Balancer
The text was updated successfully, but these errors were encountered: