Penetration Testing mailing list archives
Re: [PEN-TEST] Your opinions are solicited ...
From: "Deus, Attonbitus" <Thor () HammerofGod Com>
Date: Tue, 31 Oct 2000 12:32:04 -0800

Does anyone know if this variable (HTTP_X_FORWARD or the like) can be instantiated on MS Proxy Server? I can find nothing on it.

I use reverse proxy publication to re-route external requests to an internal web server, and would love to collect the actual IP address from the internal logs as opposed to trying to coordinate the external log (with the real ip address) and the internal log (that has the proxy server address as the REMOTE_ADDR).

Anyone? Bueller? Anyone?

---------------------------------------------------------
Attonbitus Deus
thor () hammerofgod com

----- Original Message -----
From: "Paul Robinson" <paul () AKITANET CO UK>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Tuesday, October 31, 2000 9:39 AM
Subject: Re: [PEN-TEST] Your opinions are solicited ...

You are right that proxies can cause a problem here, but even in those cases, most proxies (that behave, anyway) normally pass an extra HTTP environment variable called HTTP_X_FORWARD which will actually reveal the real IP address being used on the public interface - regardless of NAT. In addition, the REMOTE_ADDR variable will hold the IP address of the cache engine/proxy being used. If you use the two combined, you're going to secure things down a little more, and it's now going to be very difficult for an attacker to steal the session (especially as your cookies that are being passed around and changed on every transaction/page reload are travelling over SSL), apart from when you're in a NAT'ed environment.
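
An added example, not part of the thread and not written by either poster: one way the internal server could use the two variables together, accepting the forwarded address only when REMOTE_ADDR is the known reverse proxy. The proxy address 10.0.0.5, the function names, and the use of HTTP_X_FORWARDED_FOR (the CGI form of the X-Forwarded-For header) as the forwarded variable are assumptions.

```python
import ipaddress

# Constructed value: the internal address of our own reverse proxy.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}


def client_ip(environ, trusted=TRUSTED_PROXIES):
    """Address to log or bind to: the forwarded one only if the peer is our proxy."""
    peer = ipaddress.ip_address(environ["REMOTE_ADDR"])
    if peer not in trusted:
        # Direct connection: a forwarded header here is client-supplied, so ignore it.
        return str(peer)
    # Walk the list right to left; the first hop that is not our proxy is the
    # address our proxy actually saw. Entries further left may be forged.
    hops = [h.strip() for h in environ.get("HTTP_X_FORWARDED_FOR", "").split(",")]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # missing or malformed entry: fall back to the peer address
        if addr not in trusted:
            return str(addr)
    return str(peer)


def session_binding(environ):
    """The pair stored server-side with the session when it is created."""
    return (environ["REMOTE_ADDR"], client_ip(environ))


def session_ok(stored_binding, environ):
    """A later request is accepted only if both addresses still match."""
    return stored_binding == session_binding(environ)
```

Clients behind the same NAT address or the same upstream cache produce the same pair, so this narrows session theft rather than preventing it, as the quoted message notes.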