Re: [FW-1] Problem with a WebServer

Fri, 26 Aug 2005 17:27:15 -0700

Tell those folks to fix their web site. Allowing binary in a header is a dangerous thing. We had this with one web site we used a lot after they did a new site. Most of the graphics were missing, it looked horrible, links didn't work, etc.
After I contacted them, they fixed the problem. They said they were using an encrypted cookie and that was what was causing the problem. They changed it so it only used ASCII and the site cleaned right up. 

Ray


From: "Diego F. Lastra S." <[EMAIL PROTECTED]>

Reply-To: Mailing list for discussion of Firewall-1              
<[email protected]>

To: [email protected]
Subject: [FW-1] Problem with a WebServer
Date: Fri, 26 Aug 2005 14:31:04 -0500

Hi,

I have a problem with a WebServer running under a Checkpoint VPN-1 Pro NG 
AI

R55.
The message in the log is:

Number:                 344735
Date:                           26Aug2005
Time:                           13:11:31
Product:                        SmartDefense
Interface:                      eth1
Origin:                         FW-XXXX
Type:                           Log
Action:                         Reject
Protocol:                       tcp
Service:                        http (80)
Source:                         10.10.146.205
Destination:            172.20.8.112
Source Port:            3738
Attack Name:            Malformed HTTP
Attack Information:     Non-ASCII character in HTTP header

Even though I tried to disable some rules at the SmartDefense and
WebIntelligence still gives this error.

Any clues?
____________________________________________
Diego F. Lastra S.
Infraestructura y Soporte Técnico
www.xertix.com
[EMAIL PROTECTED]
Conm. (55) 3003-1300
Dir. (55) 3003-1381
Fax. (55) 3003-1302
____________________________________________


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================






















					Reply via email to