Solved

Penetration test revealed - Web server unknown location redirect uses private IP address

Posted on 2011-03-03
Last Modified: 2012-05-11
An auditor did a penetration test of our network and recommended we correct the following.

Following is exactly what they wrote....no more no less. I'm a little confused and I need to correct it today.

'Web server - unknown location redirect uses private IP address'
0
Question by:bernardb

Accepted Solution

by:
strickdd earned 500 total points
ID: 35030101
This means that one of your server redirects is not using the domain or relative path to send the request from one site to another. Instead it is using the IP address of the server. This can occur with an IIS redirect or potentially redirecting to an error page.

I would suggest asking for the description and documentation from the testing tool about this error message to figure out what it means for the tool. I would also get the result from the test that should contain what the test was doing and where it was redirecting to.
0
 

Author Comment

by:bernardb
ID: 35031092
More info...it says the following

"Web server discloses private IP address
The web server is located behind a firewall. The firewall translates the public IP address of the web server (63.xxx.xxx.xxx) to a private IP address (10.xxx.xxx.xxx).
When the web server handles a request for an unknown location, it will redirect the browser to another location. This location includes the private IP address of the web server."

xxxxxxxx

The information provided by the web servers can be used by an attacker to enhance the effectiveness of as-yet unknown vulnerabilities.

xxxxxxxx

Your company should configure the web server to use the hostname when redirecting browsers (instead of the IP address).
0
 

Author Comment

by:bernardb
ID: 35031318
No other responses? This is the info given to us by the auditors
0
