We use WebSTAR Rewrite to proxy requests through to 4D Client, which uses
ITK to serve A4D and some legacy CGI pages. The network security folks
here routinely run exploit/vulnerability tests on all servers. Lately
the 4D Client that serves our Active4D pages has been consistently
hanging (not crashing, but has to be Force Quit) after being barraged by
these tests.
This morning I turned on some extra debug logging in 4D Client to see if
I could get a better idea of what was going on.
I saw a lot of requests come through that I thought would have been
filtered by Rewrite being that I only forward .a4d and requests that
match our CGI spec through. This makes me think that the exploits are
directly hitting 4D Client on the port the ITK web server is serving on.
Based on my debug logs it also appears that some of these requests are
making it through to Active4D's built in http processor and possibly
causing 4D Client to hang. An example would be something like this
request with a very long query string parameter:
/scripts/w3who.dll?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Our setup is:
4D Server 2003.7 running on W2K server
4D Client 2003.7 running on MacOS 10.2.8
ITK Web Server
Active4D 3.0.1b7
WebSTAR 4.3.5 (latest patch)
I'm thinking that the easiest way to fix this would be to configure the
firewall so that only trusted traffic gets to the ITK web server.
That would be traffic:
* proxied from WebSTAR on 127.0.0.1
* from one IP on our subnet that runs Whistleblower (I have some tests
that directly check the web client).
Is this possible? If so, any tips or references on how to do so would be
appreciated.
Other ideas would be appreciated too.
Thanks,
Brad Perkins
_______________________________________________
Active4D-dev mailing list
[email protected]
http://mailman.aparajitaworld.com/mailman/listinfo/active4d-dev
Archives: http://mailman.aparajitaworld.com/archive/active4d-dev/
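Since the post asks whether the firewall can be limited to the two trusted sources, here is an added example (not from the post or the Active4D project) of an ipfw ruleset for the Mac OS X 10.2 host running 4D Client, where ipfw is the kernel packet filter behind the built-in firewall. ITK_PORT, MONITOR_IP and the rule numbers are assumed placeholders, since the post states neither the ITK port nor the Whistleblower host's address.

```shell
#!/bin/sh
# Added example: ipfw rules that let only WebSTAR's local proxy (127.0.0.1)
# and one monitoring host reach the ITK web server port on 4D Client.
# Every value below is an assumption; replace it with your own.
ITK_PORT="${ITK_PORT:-8080}"            # placeholder: port ITK listens on
MONITOR_IP="${MONITOR_IP:-192.0.2.10}"  # placeholder: Whistleblower host
RULE_BASE=1000                          # leaves room below for other rules

# Emit the rules, one per line, in evaluation order. ipfw stops at the
# first match and its built-in rule 65535 allows everything, so the final
# explicit deny is what actually closes the port to everyone else; "log"
# records rejected probes in the system log so scans stay visible.
itk_rules() {
    cat <<EOF
add $((RULE_BASE + 0)) allow tcp from 127.0.0.1 to 127.0.0.1 ${ITK_PORT} in via lo0
add $((RULE_BASE + 10)) allow tcp from ${MONITOR_IP} to any ${ITK_PORT} in
add $((RULE_BASE + 20)) deny log tcp from any to any ${ITK_PORT} in
EOF
}

# Load the rules (run as root on the 4D Client machine). Re-running is safe:
# each rule number is deleted before it is added again.
apply_rules() {
    command -v ipfw >/dev/null 2>&1 || { echo "ipfw not found" >&2; return 1; }
    itk_rules | while read -r rule; do
        num=$(echo "$rule" | awk '{print $2}')
        ipfw -q delete "$num" 2>/dev/null
        ipfw -q $rule
    done
}

# Sanity check on the generated set: succeeds only when there is exactly one
# deny rule and it comes after every allow rule.
deny_is_last() {
    itk_rules | awk 'BEGIN{ok=1} /deny/{d++} /allow/{if (d>0) ok=0}
                     END{exit (ok && d==1) ? 0 : 1}'
}

# Usage: sudo ./itk_fw.sh apply   (any other argument just prints the rules)
case "${1:-print}" in
    apply) apply_rules ;;
    *)     itk_rules ;;
esac
```

Check the loaded set afterwards with `ipfw list`, and watch the system log for the `deny` entries to confirm that the scanner's direct hits are now being dropped before they reach ITK.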