Pierre,
When I do that I get the html from this server then the connection is "closed 
by foreign host"
Before the "GET" command, nothing, just sits there waiting for input.
But, it doesn't get any info from the server I tried, www.foo.com format..

On Sunday 10 March 2002 05:41 pm, you wrote:
> FYI...
>
> I found a scumbag using my web server to hide behind while [s]he accessed
> other servers.
>
> Mandrake:  your server is also configured to allow these passthrough
> requests!
>
> To test your server, issue these commands:
>
>     telnet <server> 80
>     GET http://<some_other_server> HTTP/1.0
>
> If you get the output from <some_other_server>, <server> is allowing
> passthrough (proxy) connections.
>
> HTH,
> Pierre
>
> Begin forwarded message:
>
> Date: Sun, 10 Mar 2002 12:26:17 -0800
> From: Ian Holsman <[EMAIL PROTECTED]>
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>, "'[EMAIL PROTECTED]'"
> <[EMAIL PROTECTED]> Subject: RE: 1.3.x allows passthrough
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Pierre
> try disabling your proxy
>
> look for a line like
> LoadModule proxy_module modules/....
> and comment it out by placing a '#' in front of it
>
> also
> turn 'ProxyRequests' to OFF
> (this is around line 988 on my config file)
>
> > -----Original Message-----
> > From: Pierre Fortin [mailto:[EMAIL PROTECTED]]
> > Sent: Sunday, March 10, 2002 7:55 AM
> > To: [EMAIL PROTECTED]
> > Subject: 1.3.x allows passthrough
> >
> >
> > [Also reported to CERT since they have the same exposure; see
> > below]
> >
> > I was monitoring my DSL link when I noticed some strange HTTP
> > requests to
> > my web site...  someone was using my server to hide behind by
> > formatting
> > requests like this:
> >
> >    GET http://somesite.domain/page HTTP/1.0
> >
> > which caused my 1.3.20 to acquire and serve the requested
> > remote page.  To
> > see if I was alone, I tried this on www.apache.org (2.0.32)
> > which rejects
> > this type of request, though I'm not sure if it is by design.
> >
> > I also tried such a query to www.cert.org and it *did* serve
> > up a remote
> > page.
> >
> > Hopefully there is at least a workaround...
> >
> > Pierre Fortin

-- 


Ken Thompson, North West Antique Autos
Payette, Idaho
Email: [EMAIL PROTECTED]
http://www.nwaa.com
Sales and brokering of antique autos and parts.

Linux- Coming Soon To A Desktop Near You
Registered Linux User #183936
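
A scripted form of the telnet test Pierre describes, for checking one's own server, added here as an example that is not from anyone in the thread. The verdict rules are a heuristic of my own, and `other.example` is a placeholder hostname (a reserved name, so it never resolves).

```python
import socket

def build_request(path_or_url, host):
    """GET line plus Host header; path_or_url may be the absolute-URI form from
    the thread (http://other/), which a server with ProxyRequests On forwards."""
    return f"GET {path_or_url} HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()

def parse_response(raw):
    """Split a raw HTTP/1.0 reply into (status, lowercase header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return int(lines[0].split()[1]), headers, body

def classify(local_raw, probe_raw):
    """Heuristic verdict from the reply to GET / versus the reply to
    GET http://<other>/ (both raw bytes):
      rejected          4xx, the absolute-URI form was refused
      served-local      same body as GET /, the foreign host was ignored
      proxy-attempted   5xx, the server tried to reach the remote host
      likely-open-proxy 2xx/3xx with content the server does not itself serve"""
    _, _, local_body = parse_response(local_raw)
    status, _, body = parse_response(probe_raw)
    if 400 <= status < 500:
        return "rejected"
    if status >= 500:
        return "proxy-attempted"
    if body == local_body:
        return "served-local"
    return "likely-open-proxy"

def fetch(host, port, request, timeout=10):
    """Send one request and read until the server closes the connection."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        chunks = []
        while chunk := s.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)

def check_passthrough(host, port=80, other="other.example"):
    """Two-request self-test against your own server. 'other.example' is a
    reserved placeholder name, so a forwarding server usually reports 5xx."""
    local = fetch(host, port, build_request("/", host))
    probe = fetch(host, port, build_request(f"http://{other}/", other))
    return classify(local, probe)
```

Either "proxy-attempted" or "likely-open-proxy" means the server relayed the request, which is the condition Ian's advice (comment out `LoadModule proxy_module`, set `ProxyRequests Off`) removes.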
