Bugtraq mailing list archives
IIS respond private address
From: n-miwa () LAC CO JP (Nobuo Miwa)
Date: Sat, 17 Jul 1999 01:03:16 -0400
Folks who have IIS bihind Firewall, My IIS 4.0 respond its real IP Address unashamedly even if they are behind Firewall and it has private address. It's easy to test for everyone. $ telnet www.some.where 80 Trying ***.***.**.3... Connected to www.some.where. Escape character is '^]'. GET / HTTP/1.0 HTTP/1.1 200 OK Server: Microsoft-IIS/4.0 Content-Location: http://192.168.10.15/index.html ... I've tested this on Japanese IIS 4.0 SP5 but I've not tested many cases yet. Please comment. I searched some informations for controlling Content-Location header. But I couldn't find its solution. I just want to hide my private address from all over the world... <Nobuo Miwa> n-miwa () lac co jp ( @ @ ) http://www.lac.co.jp ------------------------------------o00o--(. .)--o00o---------------------- LAC CO.,LTD. TEL: +1-617-367-6726 FAX: +1-617-367-6726
Current thread:
- IIS respond private address Nobuo Miwa (Jul 16)
- <Possible follow-ups>
- Re: IIS respond private address Nobuo Miwa (Jul 20)