Security Incidents mailing list archives
RE: Weird log entries...
From: "Cushing, David" <David.Cushing () hitachisoftware com>
Date: Thu, 28 Mar 2002 09:25:13 -0500
Josh, It's not a bug, it's a feature. The connect command is used to do what you guessed: create a tunnel to another location. http://www.ietf.org/rfc/rfc2817.txt 5.2 Requesting a Tunnel with CONNECT A CONNECT method requests that a proxy establish a tunnel connection on its behalf. The Request-URI portion of the Request-Line is always an 'authority' as defined by URI Generic Syntax [2], which is to say the host name and port number destination of the requested connection separated by a colon: CONNECT server.example.com:80 HTTP/1.1 Host: server.example.com:80 Obviously, if you have a program that supports this feature, it should be locked down! -David ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Weird log entries... Josh Diakun (Mar 28)
- Re: Weird log entries... Kelly Martin (Mar 28)
- Re: Weird log entries... Florian Weimer (Mar 29)
- RE: Weird log entries... John Hartley (Mar 29)
- <Possible follow-ups>
- Re: Weird log entries... zeno (Mar 28)
- RE: Weird log entries... Cushing, David (Mar 29)
- RE: Weird log entries... Michael Ward (Mar 29)