Lots of risks.

There are all manner of problems involving poorly written
scripts and CGIs; maybe most notably ASP scripts accepting
user input and pasting it into SQL queries without sanitizing
them - which means you can use VBScript Shell() commands in the SQL
query.

Also there are the issues of buffer overruns in the web server,
for instance the .HTR bug that was addressed a while ago. Just
because one or two bugs have been found and corrected, don't
assume there aren't any more.

Abide by the golden rule: If external users can execute
commands on a server (be it HTTP requests or whatever),
it SHOULD be considered unsafe and placed in a DMZ.

What we're seeing today (no flames telling me it's been
going on for ages, please) is a move from network layer attacks
to data-driven attacks, which are a LOT harder to catch
in a firewall. Simply checking that nothing breaks protocol rules
is not enough - the best you can do is play catch up like
antivirus products do.

avishver wrote:
>
> Hello,
>
> Is there any risk permitting HTTP header moving
> from the outside part of a bastion host (coming from
> the client's browser) into a web server placed in the
> inner side?
>
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46-(0)660-105 50 Fax: +46-(0)660-122 50
Mobile: +46-(0)70-248 00 33
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
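
Added example (not part of the original message): two requests that both pass a protocol-rule check, where only the way the server builds its SQL query decides whether the header value is treated as data or as query text. Python and SQLite stand in for the ASP script and its database; the X-User header, the users table and all function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for the web application's database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("bob", "b-secret")])
    return db

def protocol_ok(request):
    """What a protocol-rule check sees: a well-formed request line and headers."""
    lines = request.split("\r\n\r\n", 1)[0].split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in ("GET", "POST"):
        return False
    if not parts[2].startswith("HTTP/1."):
        return False
    return all(": " in h for h in lines[1:])

def header(request, name):
    """Return the value of one header (hypothetical helper), or '' if absent."""
    for line in request.split("\r\n")[1:]:
        if line.lower().startswith(name.lower() + ": "):
            return line.split(": ", 1)[1]
    return ""

def lookup_pasted(db, user):
    # The pattern described above: input pasted straight into the query text.
    sql = "SELECT name FROM users WHERE name = '" + user + "' ORDER BY name"
    return db.execute(sql).fetchall()

def lookup_bound(db, user):
    # Hardened form: the value is bound as a parameter and never parsed as SQL.
    sql = "SELECT name FROM users WHERE name = ? ORDER BY name"
    return db.execute(sql, (user,)).fetchall()

# Constructed requests: both are valid HTTP, only the header data differs.
BENIGN = "GET /profile HTTP/1.0\r\nX-User: alice\r\n\r\n"
CRAFTED = "GET /profile HTTP/1.0\r\nX-User: x' OR '1'='1\r\n\r\n"

if __name__ == "__main__":
    db = make_db()
    for req in (BENIGN, CRAFTED):
        user = header(req, "X-User")
        print(protocol_ok(req), lookup_pasted(db, user), lookup_bound(db, user))
```

The crafted request is indistinguishable from the benign one at the protocol level; the difference only shows up in what the pasted query returns.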