|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Web Server Reverse Proxy BugHi - i recently used the vulnerability assessment service for our web server
& the following was reported by the system "The remote Web server seems to allow any anonymous user to use it as a reverse proxy. This may expose internal services to potential mapping and, henceforth, compromise." I am not sure i understand this issue & i was wondering if someone can explain to me or point me in the right direction. How do i get rid of this bug? Please help. Windows 2000 , IIS 5.0 . No idea, what Vunerability assessment service is that. didn't it tell you
how to solve it and the concept behind the reporting item? -- Show quoteHide quoteRegards, Bernard Cheah http://www.microsoft.com/iis/ http://www.iiswebcastseries.com/ http://www.msmvps.com/bernard/ "Pankaj" <Pan***@discussions.microsoft.com> wrote in message news:5444C950-E3CE-4494-BAFB-3F08BCD223FB@microsoft.com... > Hi - i recently used the vulnerability assessment service for our web > server > & the following was reported by the system "The remote Web server seems to > allow any anonymous user to use it as a reverse proxy. This may expose > internal > services to potential mapping and, henceforth, compromise." > > I am not sure i understand this issue & i was wondering if someone can > explain to me or point me in the right direction. > > How do i get rid of this bug? Please help. > > Windows 2000 , IIS 5.0 . > > 
Other interesting topics
Ideas on deferring authentication?
AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!! .net user not working IIS6 SSL Site showing Page not found Is MBSchExt.xml a legitimate schema file ? Classic ASP Page not running under IIS6.0 Removing IIS Passwords IIS and domain security Installing root certificate & chain IIS 6.0 Website requests authentication - anonymous is checked |
|||||||||||||||||||||||
