Vulnerability Development mailing list archives
Re: Anyone encountered this with NetCache?
From: "Jeremy Sanders" <jsanders () newsouthfederal com>
Date: Mon, 30 Jul 2001 13:49:20 -0500
What I seemed to notice is that in an intercepted HTTP request, the _domain_ name in the request takes precedence over the actual destination IP address of original HTTP request packets.
Has anyone else encountered this?
This is because transparent proxies strip traffic, either via ipchains, ipfilter, wccp, route-maps, or some other routing trick. Some of these methods change the destination address, others just change the next hop address. When the packet is then delivered to the caching software it has the destination ip address of the cache server. When the caching software gets the packet the only clue it has as to what to get is the HTTP request header which is then backfilled to either the wccp device or the original source address depending on the design. Jeremy Sanders, CCNP CNE Advanced Systems Engineer New South Federal Savings Bank
Current thread:
- Anyone encountered this with NetCache? Lincoln Yeoh (Jul 23)
- <Possible follow-ups>
- Re: Anyone encountered this with NetCache? Jeremy Sanders (Jul 30)