Re: check the presence of a reverse proxy

From: Cedric Foll (cedric.foll@ac-rouen.fr)
Date: Wed Dec 01 2004 - 10:39:54 EST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

| So i would to check if my request to one of webserver
| is natted (by external firewall) to the proxy and
| redirected by the proxy to the webserver. I can work
| from Internet, from a subnet connected to external
| firewall, from a subnet connected to internal
| firewall.
|
| Some suggestions?
|

You can try crafted HTTP Request.
I've done such thing with a apache used as reverse proxy.

With bad request, the reverse proxy will return error.

For exemple:
- -----------
$ telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Wed, 01 Dec 2004 15:30:42 GMT
Server: Microsoft-IIS/6.0
(...)

- --------------

$ telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
TITI TOTO
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.0.52 (Fedora) Server at follc.in.ac-rouen.fr Port
80</address></body></html>
Connection closed by foreign host.
- ----------------

I hope it will help.

Regards.

- --
Cedric Foll
Ingénieur réseaux et sécurité
Rectorat de Rouen
"Algorithms from the NSA are considered a sort of alien technology:
they come from a superior race with no explanations."
Bruce Schneier
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBreXJL7xzmSvPn+8RApDHAKCNSxKsZiTB7sXdCCbbUMrP6L+5XACeJCXw
+hmJqLUZsenOOvWrC18cmG0=
=E/ML
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:09 EDT