It seems that the java applet located on the host A is allowed to connect to the host B using HTTP 302 redirection on the host B.
Is it a normal behaviour? PoC: http://www.jumperz.net/exploits/appletTest1.jsp host A: www.gyosatu.com host B: www.jumperz.net In this PoC, the java applet is downloaded from www.gyosatu.com and connects to www.jumperz.net port 1111. Use "tcpdump port 1111" to see the packets. -- Kanatoko<[EMAIL PROTECTED]> Open Source WebAppFirewall http://guardian.jumperz.net/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/