The Via general-header field MUST be used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests, and between the origin server and the client on responses......
This means that if a proxy is involved there will be a Via header.
Moreover there is the X-Forwarded-For header (NOT part of the standard) used for example by squid proxy, which indicates the original host issuing the request.
Of course nothing prohibits a DoS host to insert these headers to fake a proxy!!
Stefanos
Fischer, Ilona wrote:
IMHO it's the definition of a proxy to send/recive requests instead of client... that means only the proxy was talking with the webserver -> in the HTTP-header was only the IP of the Proxy
Regards :o) Ilona
-----Ursprüngliche Nachricht----- Von: Henri Gomez [mailto:[EMAIL PROTECTED] Gesendet: Montag, 28. Juli 2003 18:01 An: Tomcat Developers List Betreff: Re: AW: [5.0] Connector default configuration + connection timeout
Fischer, Ilona a écrit :
Protection against DOS attack should also have some glues like :
- Max clients from the same IP (ie DOS attack from the same host).
How would you distinguish between users coming from big proxy and a
DOS-attack? Our access.logs shows that approx. 30% acesses
comes from
t-online (a big ISP in germany) and AOL....
That's right (T-ONLINE and AOL) are big hackers ;)
More seriously, in such case there must be the original IP somewhere in the HTTP header isn't it ?
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- ====================================================================== Stefanos Karasavvidis Electronic & Computer Engineer e-mail : [EMAIL PROTECTED]
Multimedia Systems Center S.A. Kissamou 178 73100 Chania - Crete - Hellas http://www.msc.gr
Tel : +30 2821 0 88447 Fax : +30 2821 0 88427
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]