[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1507
  • Last Modified:

IIS/Apache contains a vulnerability that may disclose your internal IP address or internal network name to remote attackers-How to resolve it.

Microsoft IIS contains a vulnerability that may disclose your internal IP address or internal network name to remote attackers-How to resolve it or same problem we are getting from Apache running on UNIX.
I checked for the solution on: http://support.microsoft.com/kb/q218180/ , but it is saying about FQDN, while I want to put my host name only (for internal server)...Is it possible and How...?
0
Brijeshk9
Asked:
Brijeshk9
  • 2
  • 2
2 Solutions
 
Brijeshk9Author Commented:
any Solution...?
0
 
cj_1969Commented:
I am not seeing that this is an error with just Apache.
If you are running IIS with mod_jk to pass requests for jsp pages to Tomcat then you could/would have this problem ... but the problem is specific to IIS.

The fix is still the same as in the document/page you referenced.  You do not have to use the FQDN, you should be able to run the adsutil script and replace the content using just the server name.
0
 
cj_1969Commented:
If you click through to the IIS 6 solution page (http://support.microsoft.com/kb/834141/) they give you the command for setHostName which should allow you to over ride the default of the FQDN and use what ever you want.
0
 
gheistCommented:
For Apache - just set hostname to hostname or 127.0.0.1, so that apache never uses IP address in headers.
0
 
Brijeshk9Author Commented:
Thanks..!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now