Home page logo
/

bugtraq logo Bugtraq mailing list archives

RE: [Full-disclosure] Anonymous Web Attacks via DedicatedMobileServices
From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 24 Jul 2005 10:46:49 +1200

 

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk 
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf 
Of Morning Wood
Sent: Wednesday, 20 July 2005 5:02 a.m.
To: Petko Petkov; bugtraq () securityfocus com
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Anonymous Web Attacks via 
DedicatedMobileServices

google's language translation also does this..
http://ipchicken.com
http://translate.google.com/translate?u=http://ipchicken.com

Regarding Google - yes, if you log only connections.
However, when you use translate.google.com service, Google will add a new
header in the HTTP request:

X-Forwarded-For: <IP address>

All proxy servers should add this header, even in the case of multiple
proxying, in which case all IP addresses should be listed under this header.

For Apache, there is even a mod_extract_forwarded module which should change
the connection so it looks like it's coming from the IP behind the proxy
server.


I don't see any special risk with this, even for mobile devices (mentioned
in the original post) -- a proxy just does it's job, no matter which proxy
it is. If Google keeps logs, even if you don't save X-Forwarded-For header
and parse them, you can find out who visited the web page, if it goes to
investigation.

Cheers,

Bojan


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]