The WebServer is a IIS and it's running Microsoft Sharepoint as the application server. The guys at Microsoft told us that is impossible to change the way cookies are sent in binary to the web clients.
Is there any other workaround for this problem? Thanks... -----Mensaje original----- De: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] En nombre de Ray Enviado el: Friday, August 26, 2005 7:16 PM Para: [email protected] Asunto: Re: [FW-1] Problem with a WebServer Tell those folks to fix their web site. Allowing binary in a header is a dangerous thing. We had this with one web site we used a lot after they did a new site. Most of the graphics were missing, it looked horrible, links didn't work, etc. After I contacted them, they fixed the problem. They said they were using an encrypted cookie and that was what was causing the problem. They changed it so it only used ASCII and the site cleaned right up. Ray >From: "Diego F. Lastra S." <[EMAIL PROTECTED]> >Reply-To: Mailing list for discussion of Firewall-1 ><[email protected]> >To: [email protected] >Subject: [FW-1] Problem with a WebServer >Date: Fri, 26 Aug 2005 14:31:04 -0500 > >Hi, >I have a problem with a WebServer running under a Checkpoint VPN-1 Pro NG >AI >R55. >The message in the log is: > >Number: 344735 >Date: 26Aug2005 >Time: 13:11:31 >Product: SmartDefense >Interface: eth1 >Origin: FW-XXXX >Type: Log >Action: Reject >Protocol: tcp >Service: http (80) >Source: 10.10.146.205 >Destination: 172.20.8.112 >Source Port: 3738 >Attack Name: Malformed HTTP >Attack Information: Non-ASCII character in HTTP header > >Even though I tried to disable some rules at the SmartDefense and >WebIntelligence still gives this error. > >Any clues? >____________________________________________ >Diego F. Lastra S. >Infraestructura y Soporte Técnico >www.xertix.com >[EMAIL PROTECTED] >Conm. (55) 3003-1300 >Dir. (55) 3003-1381 >Fax. (55) 3003-1302 >____________________________________________ > > >================================================= >To set vacation, Out-Of-Office, or away messages, >send an email to [EMAIL PROTECTED] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >If you have any questions on how to change your >subscription options, email >[EMAIL PROTECTED] >================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
