WebApp Sec mailing list archives
RE: Reverse Proxy and Link Encoding
From: Amit Klein <Amit.Klein () SanctumInc com>
Date: Thu, 05 Jun 2003 13:23:23 +0300
Hi Michael, There are several commercial products that implement this concept - for example, Sanctum (the company I work for) offers AppShield (http://www.sanctuminc.com/solutions/appshield/index.html). We coded what you described below into AppShield (we call this technology DPRE - Dynamic Policy Recognition Engine). In order to provide more flexibility, we also give the customer the ability to write "exception rules" which override DPRE, thus allowing links that are not found in the HTML pages. There's a slight difference in the implementation though. We do not change the HTML pages so that links are pointing at AppShield. Rather, we let AppShield (instead of the original web server) have the IP that is exposed to the Internet, and then have AppShield forward the request to the web server (which is not accessible from the Internet). Thus, the HTML pages are not modified. In AppShield, we compare an incoming request to the links that we extracted from the HTML pages, and if a match is found, we forward the request. If you're interested in more details, please do not hesitate to contact me. Thanks, -Amit Amit Klein Director of security and audit practices Sanctum, Ltd. http://www.SanctumInc.Com/ Ampa Bldg., 1 Sapir Street. Mail: P.O.Box 12047 Herzliya 46733, ISRAEL Tel: +972-9-9586077 Ext. 225 Fax: +972-9-9576337 Amit.Klein () SanctumInc Com
Current thread:
- Reverse Proxy and Link Encoding Michael Naef (Jun 01)
- RE: Reverse Proxy and Link Encoding Lluis Mora (Jun 03)
- RE: Reverse Proxy and Link Encoding Michael Naef (Jun 05)
- Re: Reverse Proxy and Link Encoding security lists (Jun 05)
- <Possible follow-ups>
- RE: Reverse Proxy and Link Encoding Amit Klein (Jun 05)
- RE: Reverse Proxy and Link Encoding Amit Klein (Jun 09)
- RE: Reverse Proxy and Link Encoding Bill Burge (Jun 09)
- Re: Reverse Proxy and Link Encoding Death Star (Jun 13)
- RE: Reverse Proxy and Link Encoding Lluis Mora (Jun 03)