[LARTC] RE: [Lula] Routing Web to internal IIS servers

Mon, 31 Mar 2003 06:29:28 -0800 

Hi, Todd

What kind of tests you did ?

Thanks a lot for the tips... I'm changing it NOW

cheers

Diogo Carlos Fernandes
Technical Support Manager

Real Media Latin America 
www.realmedia.com 

Phone .: 55+11+3842-2166 
Mobile .: 55+11+9266-5325 
e-mail .: [EMAIL PROTECTED] 



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd
Lyons
Sent: Saturday, March 29, 2003 2:45 AM
To: MrBiTs
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [Lula] Routing Web to internal IIS servers


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MrBiTs wanted us to know:

>                   <Directory proxy:*>
>                           Order deny,allow
>                           Allow from all

BAD BAD BAD!!!  You just told it to proxy ANYTHING instead of just the
domains that you want.  I just checked, I was able to proxy through your
machine to my website.  It won't be long that spammers and porn dealers
will be using your machine to proxy to them which masks their identity
to the untrained eye.  Interestingly, when I go to google.com, it brings
up www.google.com.br because it appears to be sourcing it from your IP
(you are proxying it).

Fix that now before it becomes abused!
- -- 
Blue skies...   Todd    Public key: http://www.mrball.net/todd.asc
>SELECT * FROM users WHERE clue > 0
0 rows returned                        --Steve "BOFH" B.
Linux kernel 2.4.19-24mdk   7 users,  load average: 0.04, 0.01, 0.00
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: http://www.mrball.net/todd.asc

iD8DBQE+hTLjIBT1264ScBURAt/MAKCPVrcUGmlnruUFnF/jTECO83zs1gCgjkmY
kJGDC1WlBQ4X+PlebRyMtiE=
=2RDo
-----END PGP SIGNATURE-----
_______________________________________________
Lula mailing list
[EMAIL PROTECTED]
http://www.lula.org/mailman/listinfo/lula

Esta mensagem foi verificada pelo E-mail Protegido Terra.
Scan engine: VirusScan / Atualizado em 26/03/2003 / Vers�o: 1.3.13
Proteja o seu e-mail Terra: http://www.emailprotegido.terra.com.br/



_______________________________________________
LARTC mailing list / [EMAIL PROTECTED]
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Reply via email to