IIS respond private address

From: Nobuo Miwa (n-miwaat_private)
Date: Fri Jul 16 1999 - 22:03:16 PDT

Next message: Ollivier Robert: "Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"

Previous message: Salvatore Sanfilippo -antirez-: "to prevert port scanning in linux 2.0.x"
Next in thread: Nobuo Miwa: "Re: IIS respond private address"
Reply: Nobuo Miwa: "Re: IIS respond private address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Folks who have IIS bihind Firewall,

My IIS 4.0 respond its real IP Address unashamedly even if
they are behind Firewall and it has private address.

It's easy to test for everyone.

   $ telnet www.some.where 80
   Trying ***.***.**.3...
   Connected to www.some.where.
   Escape character is '^]'.
   GET / HTTP/1.0

   HTTP/1.1 200 OK
   Server: Microsoft-IIS/4.0
   Content-Location: http://192.168.10.15/index.html
   ...

I've tested this on Japanese IIS 4.0 SP5 but I've not tested
many cases yet. Please comment.

I searched some informations for controlling Content-Location
header. But I couldn't find its solution.
I just want to hide my private address from all over the world...


<Nobuo Miwa> n-miwaat_private            ( @ @ )      http://www.lac.co.jp
------------------------------------o00o--(. .)--o00o----------------------
LAC CO.,LTD.   TEL: +1-617-367-6726   FAX: +1-617-367-6726

Next message: Ollivier Robert: "Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2"
Previous message: Salvatore Sanfilippo -antirez-: "to prevert port scanning in linux 2.0.x"
Next in thread: Nobuo Miwa: "Re: IIS respond private address"
Reply: Nobuo Miwa: "Re: IIS respond private address"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:45 PDT