Network Security: Detailed info on RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices

from [Alexander Klimov] Network Security

[Permanent Link]

Subject:	RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices
Date:	Sat, 30 Jul 2005 10:04:58 +0300 (IDT)

On Sun, 24 Jul 2005, Bojan Zdrnja wrote:

Regarding Google - yes, if you log only connections.
However, when you use translate.google.com service, Google will add a new
header in the HTTP request:

X-Forwarded-For: <IP address>

All proxy servers should add this header, even in the case of multiple
proxying, in which case all IP addresses should be listed under this header.

For Apache, there is even a mod_extract_forwarded module which should change
the connection so it looks like it's coming from the IP behind the proxy
server.


If you do assume that x-forwarded-for is always genuine then you will
have problems when somebody with direct connection adds
x-forwarded-for to confuse you (this is very similar to email
headers).

BTW: I don't sure that it is that important for real attackers -- most
of them are likely to use owned hosts anyway.

-- 
Regards,
ASK

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] Anonymous Web Attacks via Dedicated Mobile Services, Petko Petkov Re: [Full-disclosure] Anonymous Web Attacks via Dedicated MobileServices, Morning Wood RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices, Bojan Zdrnja Re: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices, Petko Petkov RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices, Alexander Klimov <=

Previous by Date:	RE: [VOIPSEC] VoIP-Phones: Weakness in proccessing SIP-Notify-Messages, Walton, John Michael (John)
Next by Date:	Kayako liveResponse Multiple Vulnerabilities, GulfTech Security Research
Previous by Thread:	Re: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices, Petko Petkov
Next by Thread:	[Full-disclosure] [ISR] - Novell Groupwise WebAccess Cross-Site Scripting, Francisco Amato
Indexes:	[Date] [Thread] [Top] [All Lists]