[unisog] Pseudo-anon apache proxy/relay bug?
huba at uidaho.edu
Wed Jan 23 20:46:14 GMT 2002
Turns out it's a lack of apache config smarts amongst our web folks.
A simple control block like so fixes this:
Deny from !^129\.101.*
Allow from ^129\.101.*
On to the next task--figuring out why nessus plugins auto-update
script is broke.
-----Original Message-----
From: salderma at mabel.cis.brown.edu [mailto:salderma at mabel.cis.brown.edu]
Sent: Wednesday, January 23, 2002 12:03 PM
To: Huba Leidenfrost
Subject: Re: [unisog] Pseudo-anon apache proxy/relay bug?
I think it's a straight configuration option in Apache. Check out
mod_proxy. It's one of Apache's core modules - meaning that it's in
standard Apache download and does not have to be added and compiled
Documentation on this module is available here:
Check out the ProxyRequests directive. I believe that's the one you
to look for.
Best of luck,
On Wed, 23 Jan 2002, Huba Leidenfrost wrote:
> Even though we don't have proxying enabled, it appears that one
> of our apache web servers seems to have a proxy "feature" enabled
> that shouldn't be. I can point to it as my proxy and it will
> gladly fetch anything I want. My IP still shows up as the
> requester but the end site I wish to surf sees the webserver as the
> requesting IP and not mine. Somewhat of a poor man's pseudo-anon
> proxy. I've searched for a bug saying this is fixed in a newer
> version of apache but can't find any mention of it.
> Has anyone else noticed this problem? It showed on the radar
> because our access_log on one of our webservers grew tremendously
> and we noticed the volume was all requests for porn sites being
> made from IPs outside of our /16.
> H u b a
> - - - - --
> --- O HUBA LEIDENFROST Systems Security Analyst
> -- <^- huba at uidaho.edu Information Technology Services
> -- -\/\ http://2170928926/~huba
> --- \ TEL: 208.885.2126 FAX: 208.885.7539
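The symptom reported in the quoted message (an access_log filling with requests relayed for clients outside the /16) can be checked for directly. The following is an added example, not part of the original thread: it scans Common Log Format lines for proxy-style request lines (absolute-form URIs or CONNECT) sent by clients outside 129.101.0.0/16. The sample log lines, OWN_HOSTS and every address other than the 129.101 prefix are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit

CAMPUS_NET = ipaddress.ip_network("129.101.0.0/16")  # assumption: the /16 behind "129.101" in the thread
OWN_HOSTS = {"www.example.edu"}  # hypothetical: names this server legitimately answers for
# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) \S+')

def proxy_target(request):
    """Return the remote host named in a proxy-style request line, else None."""
    parts = request.split()
    if len(parts) < 2:
        return None
    method, target = parts[0].upper(), parts[1]
    if method == "CONNECT":  # CONNECT host:port is only ever sent to a proxy
        host = target.rsplit(":", 1)[0].lower()
    elif "://" in target and not target.startswith("/"):  # absolute-form URI
        host = (urlsplit(target).hostname or "").lower()
    else:
        return None  # origin-form ("/path") or "*": ordinary web traffic
    return host if host and host not in OWN_HOSTS else None

def is_campus(client):
    try:
        return ipaddress.ip_address(client) in CAMPUS_NET
    except ValueError:  # a hostname was logged: cannot confirm, treat as outside
        return False

def outside_proxy_use(lines):
    """Map each off-campus client to a Counter of (target host, status)."""
    hits = defaultdict(Counter)
    for m in filter(None, map(CLF.match, lines)):  # skip lines that are not CLF
        client, request, status = m.group(1), m.group(2), int(m.group(3))
        target = proxy_target(request)
        if target and not is_campus(client):
            hits[client][(target, status)] += 1
    return dict(hits)

SAMPLE_LOG = [  # constructed log lines, not taken from the thread
    '203.0.113.7 - - [23/Jan/2002:10:01:02 -0800] "GET http://www.example.com/ HTTP/1.0" 200 5120',
    '203.0.113.7 - - [23/Jan/2002:10:01:03 -0800] "GET http://www.example.com/a.jpg HTTP/1.0" 200 20480',
    '198.51.100.9 - - [23/Jan/2002:10:02:00 -0800] "CONNECT mail.example.net:443 HTTP/1.0" 405 312',
    '129.101.5.9 - - [23/Jan/2002:10:03:00 -0800] "GET http://www.example.org/ HTTP/1.0" 200 900',
    '203.0.113.7 - - [23/Jan/2002:10:04:00 -0800] "GET /index.html HTTP/1.0" 200 1043',
]

if __name__ == "__main__":
    print(outside_proxy_use(SAMPLE_LOG))
```

A 200 status on a flagged line is a lead rather than proof of relaying, since a server that is not proxying may answer an absolute-form request with its own content; compare the logged byte counts against the local page sizes before concluding.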