Solved

An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network

Posted on 2009-04-06
12
443 Views
Last Modified: 2012-06-21
An Internal IP address or hostname can be obtained through information gathering techniques. This allows intruders to obtain a better understanding of your internal network
0
Comment
Question by:Brijeshk9
  • 5
  • 4
  • 3
12 Comments
 

Author Comment

by:Brijeshk9
ID: 24083974
How to remove this kind of Vulnerabilities......?
0
 

Author Comment

by:Brijeshk9
ID: 24084631
now its urgent for me, please suggest for apache running on Unix...?
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084647
I am from linux background, not unix , but can you sent me the link from where you got this information ??

is that any security review ??
0
 

Author Comment

by:Brijeshk9
ID: 24084772
we have a setup to scan all the Vulnerabilities in our Environment ,and I have shared one of the website Vulnerabilities (which we got after scanning our websites/servers)-now I have solution for IIS, but dont have any idea about Apache running on Unix/Linux...!
will really appreciate if you can help me on it.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24084802
omm about apache .. i have read couple of books, but i realy dont understand what you meant, because by deault apache is secure ..

if you installed latest security patch of apache ( what ever version you using) , you would not have to worry to much ..

but if you can explain to me little bit what step you took to fix you IIs, then i could of compare that problem with apache ..

0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24085169
You can set any hostname in httpd.conf
Best if it matches one obtained from reverse dns lookup of public IP address.
Look inside the file - no rocket science in there.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:Brijeshk9
ID: 24094100
ok,let me try to be more explicit on it:
Problem is: i dont want my ip do be discolsed in any header when i browse for my website.
Symptoms:When you use static HTML pages (for example, Default.htm), a Content-Location header is added to the response. the Content-Location references the IP address of the server instead of the Fully Qualified Domain Name (FQDN) or Hostname.
This header may expose internal IP addresses that are typically hidden or masked behind a Network Address Translation (NAT) Firewall or a proxy server

and here is the evidence \Example for this problem i am facing

HEAD / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 11 Mar 2009 08:04:34 GMT
Server: Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server
Content-Location: index.html.en
Vary: negotiate,accept-language
TCN: choice
Last-Modified: Tue, 06 Mar 2007 18:22:27 GMT
ETag: "33f4d5-4d11-45edb163;45edb163"
Accept-Ranges: bytes
Content-Length: 19729
Content-Type: text/html
Content-Language: en
Expires: Wed, 11 Mar 2009 08:04:34 GMT
Connection: close
did you get it now...!
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24094721
I do not see any intranet reference here. It is plain mistinterpretation by automated scanner.

ServerTokens ProductOnly

will hopefully remove Oracle version 10.1.2.2 which your dumb outsourced scan misrepresents as intranet address. Hiding version is good for security against automated scanners.
0
 
LVL 29

Expert Comment

by:fosiul01
ID: 24095566
so you are worreid about this tag ??
ETag: "33f4d5-4d11-45edb163;45edb163"  
0
 
LVL 29

Assisted Solution

by:fosiul01
fosiul01 earned 100 total points
ID: 24095580
but you said apache or IIs, here apache or IIs is nothign to with this

we use NAT TO hide our internal network address, if you use nat ,other site will see your public ip , not Internal Ip
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 24095640
ETag is GUID, it has nothing to do with internet or intranet, do not panic, no private parts exposed to world.
ETag improves efficiency of HTTP protocol, by serving as unique ID so that browser fetches only changed pages, You can disable it, but I will not help you break your server.
0
 

Accepted Solution

by:
Brijeshk9 earned 0 total points
ID: 24104888
Thanks..!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
If you've heard about htaccess and it sounds like it does what you want, but you're not sure how it works... well, you're in the right place. Read on. Some Basics #1. It's a file and its filename is .htaccess (yes, with a dot in the front). #…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now