| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050723224655.A58B2342A0@smtpd.itss.auckland.ac.nz> Date: Sat Jul 23 23:47:06 2005 From: Bojan.Zdrnja at LSS.hr (Bojan Zdrnja) Subject: Anonymous Web Attacks via DedicatedMobileServices > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf > Of Morning Wood > Sent: Wednesday, 20 July 2005 5:02 a.m. > To: Petko Petkov; bugtraq@...urityfocus.com > Cc: full-disclosure@...ts.grok.org.uk > Subject: Re: [Full-disclosure] Anonymous Web Attacks via > DedicatedMobileServices > > google's language translation also does this.. > http://ipchicken.com > http://translate.google.com/translate?u=http://ipchicken.com Regarding Google - yes, if you log only connections. However, when you use translate.google.com service, Google will add a new header in the HTTP request: X-Forwarded-For: <IP address> All proxy servers should add this header, even in the case of multiple proxying, in which case all IP addresses should be listed under this header. For Apache, there is even a mod_extract_forwarded module which should change the connection so it looks like it's coming from the IP behind the proxy server. I don't see any special risk with this, even for mobile devices (mentioned in the original post) -- a proxy just does it's job, no matter which proxy it is. If Google keeps logs, even if you don't save X-Forwarded-For header and parse them, you can find out who visited the web page, if it goes to investigation. Cheers, Bojan
Powered by blists - more mailing lists