?
Solved

An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network

Posted on 2009-04-06
12
Medium Priority
?
451 Views
Last Modified: 2012-06-21
An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network
0
Comment
Question by:Brijeshk9
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
12 Comments
 

Author Comment

by:Brijeshk9
ID: 24083974
How to remove this kind of Vulnerabilities......?
0
 

Author Comment

by:Brijeshk9
ID: 24084631
now its urgent for me, please suggest for apache running on Unix...?
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084647
I am from linux background, not unix , but can you sent me the link from where you got this information ??

is that any security review ??
0
The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

 

Author Comment

by:Brijeshk9
ID: 24084772
we have a setup to scan all the Vulnerabilities in our Environment ,and I have shared one of the website Vulnerabilities (which we got after scanning our websites/servers)-now I have solution for IIS, but dont have any idea about Apache running on Unix/Linux...!
will really appreciate if you can help me on it.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084802
omm about apache .. i have read couple of books, but i realy dont understand what you meant, because by deault apache is secure ..

if you installed latest security patch of apache ( what ever version you using) , you would not have to worry to much ..

but if you can explain to me little bit what step you took to fix you IIs, then i could of compare that problem with apache ..

0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1600 total points
ID: 24085169
You can set any hostname in httpd.conf
Best if it matches one obtained from reverse dns lookup of public IP address.
Look inside the file - no rocket science in there.
0
 

Author Comment

by:Brijeshk9
ID: 24094100
ok,let me try to be more explicit on it:
Problem is: i dont want my ip do be discolsed in any header when i browse for my website.
Symptoms:When you use static HTML pages (for example, Default.htm), a Content-Location header is added to the response. the Content-Location references the IP address of the server instead of the Fully Qualified Domain Name (FQDN) or Hostname.
This header may expose internal IP addresses that are typically hidden or masked behind a Network Address Translation (NAT) Firewall or a proxy server

and here is the evidence \Example for this problem i am facing

HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 11 Mar 2009 08:04:34 GMT
Server: Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server
Content-Location: index.html.en
Vary: negotiate,accept-language
TCN: choice
Last-Modified: Tue, 06 Mar 2007 18:22:27 GMT
ETag: "33f4d5-4d11-45edb163;45edb163"
Accept-Ranges: bytes
Content-Length: 19729
Content-Type: text/html
Content-Language: en
Expires: Wed, 11 Mar 2009 08:04:34 GMT
Connection: close
did you get it now...!
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1600 total points
ID: 24094721
I do not see any intranet reference here. It is plain mistinterpretation by automated scanner.

ServerTokens ProductOnly

will hopefully remove Oracle version 10.1.2.2 which your dumb outsourced scan misrepresents as intranet address. Hiding version is good for security against automated scanners.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24095566
so you are worreid about this tag ??
ETag: "33f4d5-4d11-45edb163;45edb163"  
0
 
LVL 29

Assisted Solution

by:fosiul01
fosiul01 earned 400 total points
ID: 24095580
but you said apache or IIs, here apache or IIs is nothign to with this

we use NAT TO hide our internal network address, if you use nat ,other site will see your public ip , not Internal Ip
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1600 total points
ID: 24095640
ETag is GUID, it has nothing to do with internet or intranet, do not panic, no private parts exposed to world.
ETag improves efficiency of HTTP protocol, by serving as unique ID so that browser fetches only changed pages, You can disable it, but I will not help you break your server.
0
 

Accepted Solution

by:
Brijeshk9 earned 0 total points
ID: 24104888
Thanks..!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month8 days, 22 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question