IIS 6 IP Address Leak--How to prove NAT'ed IP is no longer visible

Posted on 2010-09-10
Medium Priority
Last Modified: 2012-05-10
I need to ensure that our NAT'd IP address is not visible from the outside.We are using this server for Outlook Web Access (over SSL).  Please refer to this MS article for complete description.


I have made the change recommended in Option 1 of the article. I have 2 questions...

Does this 'guarantee' that our internal IP is not leaked or are there some gotchas?

Most importantly...I need to prove to auditors that this item has been completely resolved. I need to provide screenshots/documentation...I can't just tell them that I did it. How can I prove this using a scan or some other method? Please be as specific and thorough as possible.

IIS 6 running on Windows 2003 SP2.

Question by:FIFBA
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 20

Expert Comment

ID: 33648091
Just be sure that the host-name you are providing by using that workaround doesn't resolve back to an IP you want protected - other than that, you should be fine.

Author Comment

ID: 33648156
But I need to prove this is the case for auditors...How can I do this? I assume there are some commands I can run against the server that will give me some useful output...just need someone to walk me through this.

Expert Comment

ID: 33648223
If you fixed the issue by applying the MS hotfix then why don't you submit a screenshot of the installed hotfix along with a screenshot of the relevant modified files and their versions, as shown in the link you provided above?
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.


Author Comment

ID: 33648305
I would prefer to run some kind of command against the server to verify that the internal IP is not leaked. If this was a problem, there is obviously some way to test for the problem else it would not be a vulnerability. I appreciate the  help so far...I just feel the auditors are going to want some kind of real-time verification. If I give them screenshots of a hotfix (which is included in a prior service pack), this would imply that the issue is resolved. I would not want an auditor to come back with a 'gotcha' at a later date after I state (in writing) that the issue is resolved... This is out of my realm of expertise but I have seen posts out there where someone was able to determine their IP address is still leaked after following the MS article. I need to ensure that this is not the case in our environment.

LVL 20

Accepted Solution

woolnoir earned 2000 total points
ID: 33648464
> telnet site_to_test 80
GET / HTTP/1.0
(press return twice) and voila, the NAT address appears in the header: Content-Location: http://192.168.xxx.xxx/index.html < see what the output is.

Author Comment

ID: 33649051
Woolnoir: This is what I'm looking for. Can I test a https site with this also using the same syntax (except port 443)?
LVL 20

Expert Comment

ID: 33649101
http://www.bearfruit.org/2008/04/17/telnet-for-testing-ssl-https-websites/ that shows a way to do it with HTTPS - you need Linux though ideally.

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question