Tags
Network
ATT&CK Tactic
Discovery (TA0007)
Incidents
References
Last edited
Jan 23, 2024 6:26 PM
Status
Stub
Defenses
When an organization uses a CDN to front and secure their web services, they must ensure that their origin IP address is not discoverable, as otherwise an attacker could bypass the layers of protection supplied by the CDN provider by directly targeting the endpoint.
Origin IP addresses could be leaked via DNS record history, SSL certificates or subdomain enumeration (if any subdomains point to the origin IP).