Solved

An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network

Posted on 2009-04-06
12
450 Views
Last Modified: 2012-06-21
An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network
0
Comment
Question by:Brijeshk9
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 

Author Comment

by:Brijeshk9
ID: 24083974
How to remove this kind of Vulnerabilities......?
0
 

Author Comment

by:Brijeshk9
ID: 24084631
now its urgent for me, please suggest for apache running on Unix...?
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084647
I am from linux background, not unix , but can you sent me the link from where you got this information ??

is that any security review ??
0
Raise the IQ of Your IT Alerts

From IT major incidents to manufacturing line slowdowns, every business process generates insights that need to reach the people required to take action. You need a platform that integrates with your business tools to create fully enabled DevOps toolchains.

You need xMatters.

 

Author Comment

by:Brijeshk9
ID: 24084772
we have a setup to scan all the Vulnerabilities in our Environment ,and I have shared one of the website Vulnerabilities (which we got after scanning our websites/servers)-now I have solution for IIS, but dont have any idea about Apache running on Unix/Linux...!
will really appreciate if you can help me on it.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084802
omm about apache .. i have read couple of books, but i realy dont understand what you meant, because by deault apache is secure ..

if you installed latest security patch of apache ( what ever version you using) , you would not have to worry to much ..

but if you can explain to me little bit what step you took to fix you IIs, then i could of compare that problem with apache ..

0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24085169
You can set any hostname in httpd.conf
Best if it matches one obtained from reverse dns lookup of public IP address.
Look inside the file - no rocket science in there.
0
 

Author Comment

by:Brijeshk9
ID: 24094100
ok,let me try to be more explicit on it:
Problem is: i dont want my ip do be discolsed in any header when i browse for my website.
Symptoms:When you use static HTML pages (for example, Default.htm), a Content-Location header is added to the response. the Content-Location references the IP address of the server instead of the Fully Qualified Domain Name (FQDN) or Hostname.
This header may expose internal IP addresses that are typically hidden or masked behind a Network Address Translation (NAT) Firewall or a proxy server

and here is the evidence \Example for this problem i am facing

HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 11 Mar 2009 08:04:34 GMT
Server: Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server
Content-Location: index.html.en
Vary: negotiate,accept-language
TCN: choice
Last-Modified: Tue, 06 Mar 2007 18:22:27 GMT
ETag: "33f4d5-4d11-45edb163;45edb163"
Accept-Ranges: bytes
Content-Length: 19729
Content-Type: text/html
Content-Language: en
Expires: Wed, 11 Mar 2009 08:04:34 GMT
Connection: close
did you get it now...!
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24094721
I do not see any intranet reference here. It is plain mistinterpretation by automated scanner.

ServerTokens ProductOnly

will hopefully remove Oracle version 10.1.2.2 which your dumb outsourced scan misrepresents as intranet address. Hiding version is good for security against automated scanners.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24095566
so you are worreid about this tag ??
ETag: "33f4d5-4d11-45edb163;45edb163"  
0
 
LVL 29

Assisted Solution

by:fosiul01
fosiul01 earned 100 total points
ID: 24095580
but you said apache or IIs, here apache or IIs is nothign to with this

we use NAT TO hide our internal network address, if you use nat ,other site will see your public ip , not Internal Ip
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24095640
ETag is GUID, it has nothing to do with internet or intranet, do not panic, no private parts exposed to world.
ETag improves efficiency of HTTP protocol, by serving as unique ID so that browser fetches only changed pages, You can disable it, but I will not help you break your server.
0
 

Accepted Solution

by:
Brijeshk9 earned 0 total points
ID: 24104888
Thanks..!
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question