Hello folks,
Does anyone know what load balancer has this behavior?. Apparently
requesting over HTTP 1.0 without a trailing slash reveals the internal
IP addresses of the web servers.
<HTTP 1.0 without trailing slash>
--> HEAD /docs HTTP/1.0
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 09:59:57 GMT
Server: Apache
Location: http://192.168.1.2/docs/
Connection: close
Content-Type: text/html; charset=iso-8859-1
--> HEAD /docs HTTP/1.0
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 09:59:57 GMT
Server: Apache
Location: http://192.168.1.4/docs/
Connection: close
Content-Type: text/html; charset=iso-8859-1
--> HEAD /docs HTTP/1.0
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 09:59:57 GMT
Server: Apache
Location: http://192.168.1.3/docs/
Connection: close
Content-Type: text/html; charset=iso-8859-1
<HTTP 1.0 with trailing slash>
--> HEAD /docs/ HTTP/1.0
HTTP/1.1 200 OK
Date: Tue, 15 Jan 2008 10:00:14 GMT
Server: Apache
Connection: close
Content-Type: text/html
<HTTP 1.1 without trailing slash>
--> HEAD /docs HTTP/1.1
--> HOST: example.com
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 10:00:43 GMT
Server: Apache
Location: http://example.com/docs/
Connection: close
Content-Type: text/html; charset=iso-8859-1
<HTTP 1.1 with trailing slash>
--> HEAD /docs/ HTTP/1.1
--> HOST: example.com
HTTP/1.1 200 OK
Date: Tue, 15 Jan 2008 10:01:00 GMT
Server: Apache
Connection: close
Content-Type: text/html
Ed <blogdoteonsecdotcom>
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Jan 17 2008
Intro
