[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dragonidsuser
Subject:    Re: I have a question...
From:       Ron Gula <rgula () ENTERASYS ! COM>
Date:       2001-08-02 14:05:40
[Download RAW message or body]

The difference is that the web server is acting as a proxy. Normally,
a web client issues a web request to a web server. With a web server
acting as a proxy, a web client can send a web request to one web
server which will send this request to the real web server.

Imagine a DMZ where there is an external web server that has a proxy
feature enabled. A hacker could send a proxy web request to the web
server in the DMZ, which may reference a web server behind the
firewall. If the firewall is misconfigured, this may allow an attacker
to send in an attack.

Normally, a web get request may look something like:

GET /index.html

However, with a proxy URL, it may look something like:

GET http://10.100.100.1/index.html

Ron Gula



At 11:31 AM 8/2/01 +0900, you wrote:
>>>>
Hi,

I don't know what PROXY:WEB-GET signature means.

It explains that a web server allows users to perform GET requests and this
may allows attackers to bypass a firewall.

But, when a user request a webpage by web browser, it also uses the 'get'
command. doesn't it ?
If so, I thing that this event should be occured by all http request.

<<<<

[prev in list] [next in list] [prev in thread] [next in thread]