lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050723224655.A58B2342A0@smtpd.itss.auckland.ac.nz>
Date: Sun, 24 Jul 2005 10:46:49 +1200
From: "Bojan Zdrnja" <Bojan.Zdrnja@....hr>
To: <bugtraq@...urityfocus.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: RE: Anonymous Web Attacks via
	DedicatedMobileServices


 

> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk 
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf 
> Of Morning Wood
> Sent: Wednesday, 20 July 2005 5:02 a.m.
> To: Petko Petkov; bugtraq@...urityfocus.com
> Cc: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] Anonymous Web Attacks via 
> DedicatedMobileServices
> 
> google's language translation also does this..
> http://ipchicken.com
> http://translate.google.com/translate?u=http://ipchicken.com

Regarding Google - yes, if you log only connections.
However, when you use translate.google.com service, Google will add a new
header in the HTTP request:

X-Forwarded-For: <IP address>

All proxy servers should add this header, even in the case of multiple
proxying, in which case all IP addresses should be listed under this header.

For Apache, there is even a mod_extract_forwarded module which should change
the connection so it looks like it's coming from the IP behind the proxy
server.


I don't see any special risk with this, even for mobile devices (mentioned
in the original post) -- a proxy just does it's job, no matter which proxy
it is. If Google keeps logs, even if you don't save X-Forwarded-For header
and parse them, you can find out who visited the web page, if it goes to
investigation.

Cheers,

Bojan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ