Ooops... forgot to add that I needed to hit Return after sending the GET; so the full instructions are:
telnet <server> 80
GET http://<some_other_server> HTTP/1.0
<Return>

Without the extra return, the command "just sits" there as you discovered.

Sorry for the oversight,
Pierre

On Sun, 10 Mar 2002 18:01:13 -0700 Ken Thompson <[EMAIL PROTECTED]> wrote:

> Pierre,
> When I do that I get the html from this server then the connection is
> "closed by foreign host"
> Before the "GET" command, nothing, just sits there waiting for input.
> But, it doesn't get any info from the server I tried, www.foo.com
> format..
>
> On Sunday 10 March 2002 05:41 pm, you wrote:
> > FYI...
> >
> > I found a scumbag using my web server to hide behind while [s]he
> > accessed other servers.
> >
> > Mandrake: your server is also configured to allow these passthrough
> > requests!
> >
> > To test your server, issue these commands:
> >
> > telnet <server> 80
> > GET http://<some_other_server> HTTP/1.0
> >
> > If you get the output from <some_other_server>, <server> is allowing
> > passthrough (proxy) connections.
> >
> > HTH,
> > Pierre
> >
> > Begin forwarded message:
> >
> > Date: Sun, 10 Mar 2002 12:26:17 -0800
> > From: Ian Holsman <[EMAIL PROTECTED]>
> > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>,
> > "'[EMAIL PROTECTED]'"<[EMAIL PROTECTED]>
> > Subject: RE: 1.3.x allows passthrough
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi Pierre
> > try disabling your proxy
> >
> > look for a line like
> > LoadModule proxy_module modules/....
> > and comment it out by placing a '#' in front of it
> >
> > also
> > turn 'ProxyRequests' to OFF
> > (this is around line 988 on my config file)
> >
> > > -----Original Message-----
> > > From: Pierre Fortin [mailto:[EMAIL PROTECTED]]
> > > Sent: Sunday, March 10, 2002 7:55 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: 1.3.x allows passthrough
> > >
> > > [Also reported to CERT since they have the same exposure; see below]
> > >
> > > I was monitoring my DSL link when I noticed some strange HTTP
> > > requests to my web site... someone was using my server to hide
> > > behind by formatting requests like this:
> > >
> > > GET http://somesite.domain/page HTTP/1.0
> > >
> > > which caused my 1.3.20 to acquire and serve the requested remote
> > > page. To see if I was alone, I tried this on www.apache.org (2.0.32)
> > > which rejects this type of request, though I'm not sure if it is by
> > > design.
> > >
> > > I also tried such a query to www.cert.org and it *did* serve up a
> > > remote page.
> > >
> > > Hopefully there is at least a workaround...
> > >
> > > Pierre Fortin
>
> --
> Ken Thompson, North West Antique Autos
> Payette, Idaho
> Email: [EMAIL PROTECTED]
> http://www.nwaa.com
> Sales and brokering of antique autos and parts.
>
> Linux- Coming Soon To A Desktop Near You
> Registered Linux User #183936
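
Added example, not part of the original thread: a log check for the pattern Pierre describes, flagging access-log entries whose request line carries a full `http://` URL for a host other than your own and reporting whether the server served it (2xx). It assumes Apache Common/Combined Log Format; the function name, host names and log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Apache Common/Combined Log Format: host ident user [time] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: (?P<proto>HTTP/\d\.\d))?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

def find_proxy_requests(lines, own_hosts):
    """Return absolute-URI requests aimed at hosts other than our own.

    Each finding is (client, target_host, status, served); served is True
    when the status is 2xx, i.e. the server fetched the remote page.
    """
    own = {h.lower() for h in own_hosts}
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; skip rather than guess
        target = m.group("target")
        # Normal requests use origin-form ("/path"); proxy requests carry a full URL.
        if not target.lower().startswith(("http://", "https://")):
            continue
        host = (urlsplit(target).hostname or "").lower()
        if host in own:
            continue  # an absolute URI naming this server is not a passthrough
        status = int(m.group("status"))
        findings.append((m.group("client"), host, status, 200 <= status < 300))
    return findings

# Constructed sample log lines (documentation addresses and example hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Mar/2002:12:01:13 -0700] "GET /index.html HTTP/1.0" 200 2326',
    '198.51.100.7 - - [10/Mar/2002:12:02:40 -0700] "GET http://other.example/page HTTP/1.0" 200 5120',
    '198.51.100.7 - - [10/Mar/2002:12:02:55 -0700] "GET http://www.example.org/ HTTP/1.0" 200 2326',
    '203.0.113.5 - - [10/Mar/2002:12:05:02 -0700] "GET http://third.example/ HTTP/1.0" 403 289',
]

if __name__ == "__main__":
    for client, host, status, served in find_proxy_requests(SAMPLE_LOG, {"www.example.org"}):
        verdict = "SERVED (proxy open)" if served else "rejected"
        print(f"{client} -> {host} status={status} {verdict}")
```

Entries marked SERVED mean the passthrough is still enabled; after setting `ProxyRequests` to Off as Ian suggests, the same requests should show up as rejected.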