?
Solved

Penetration test revealed - Web server unknown location redirect uses private IP address

Posted on 2011-03-03
3
Medium Priority
?
438 Views
Last Modified: 2012-05-11
An auditor did a penetration test of our network and recommended we correct the following.

Following is exactly what they wrote....no more no less. I'm a little confused and I need to correct it today.

'Web server - unknown location redirect uses private IP address'
0
Comment
Question by:bernardb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 28

Accepted Solution

by:
strickdd earned 2000 total points
ID: 35030101
This means that one of you server redirects is not using the domain or relative path to send the request from one site to another. Instead it is using the IP address of the server. This can occur with an IIS redirect or potentially redirecting to an error page.

I would suggest asking for the description and documentation from the testing tool about this error message to figure out what it means for the tool. I would also get the result from the test that should contain what the test was doing and where it was redirecting to.
0
 

Author Comment

by:bernardb
ID: 35031092
More info...it says the following

"Web server discloses private IP address
The web server is located behind a firewall. The firewall translates the public IP address of the web server (63.xxx.xxx.xxx) to a private IP address (10.xxx.xxx.xxx).
When the web server handles a request for an unknown location, it will redirect the browser to another location. This location includes the private IP address of the web server."

xxxxxxxx

The information provided by the web servers can be used by an attacker to enhance the effectiveness of as-yet unknown vulnerabilities.

xxxxxxxx

Your company should configure the web server to use the hostname  when redirecting browsers (instead of the IP address).
0
 

Author Comment

by:bernardb
ID: 35031318
No other responses? This is the info given to us by the auditors
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article explores the design of a cache system that can improve the performance of a web site or web application.  The assumption is that the web site has many more “read” operations than “write” operations (this is commonly the ca…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question