
IE 5.x keep-alive session hijacking


Sorry for being inaccurate, but I noticed that our transparent-proxy
system is trying (and even succeeds at some level) to hijack client
http connections. I asked users to supply us with their browser
versions, and all of the resulting answers were MS Internet Explorer. I
didn't have too much time to investigate this issue, but here's how I
imagine the problem. The transparent reverse proxy provides a
Proxy-Connection: header that can be misinterpreted by MSIE, so the
browser software directs all further requests via the proxy solution. It is
possible to answer positively to any request, so the browser continues to
use the proxy server transparently. Though we've got ACLs forbidding such
usage of our proxy servers, one can use such a MITM attack to get cookies,
input data, etc. Possibly that can be caused sometimes on other browser
configurations as well.

Best regards,
Domas Mituzas
MicroLink Data
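
A check an operator could run over a captured keep-alive response stream to see whether the proxy exposes a Proxy-Connection header to clients, which is the behaviour the post suspects. This is an added example, not part of the original post; the sample capture is constructed, the function names are hypothetical, and bodies are assumed to be delimited by Content-Length.

```python
# Constructed sample: two responses on one keep-alive connection, as a client
# behind a transparent proxy might capture them. All values are made up.
SAMPLE_CAPTURE = (
    b"HTTP/1.0 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 5\r\n"
    b"Proxy-Connection: keep-alive\r\n"
    b"\r\n"
    b"hello"
    b"HTTP/1.1 304 Not Modified\r\n"
    b"Connection: keep-alive\r\n"
    b"\r\n"
)


def parse_responses(stream: bytes):
    """Yield (status_line, headers) for each response in the stream.

    Assumption: bodies are sized by Content-Length (no chunked encoding).
    """
    pos = 0
    while pos < len(stream):
        end = stream.find(b"\r\n\r\n", pos)
        if end == -1:
            break  # truncated capture, stop cleanly
        lines = stream[pos:end].decode("iso-8859-1").split("\r\n")
        headers = []
        for line in lines[1:]:
            name, sep, value = line.partition(":")
            if sep:
                # Header names are case-insensitive, so normalise them.
                headers.append((name.strip().lower(), value.strip()))
        length = next((int(v) for n, v in headers
                       if n == "content-length" and v.isdigit()), 0)
        yield lines[0], headers
        pos = end + 4 + length  # skip the blank line and the body


def find_proxy_header_leaks(stream: bytes):
    """Report responses that carry Proxy-Connection toward the client."""
    return [{"response": i, "status": status, "value": value}
            for i, (status, headers) in enumerate(parse_responses(stream))
            for name, value in headers if name == "proxy-connection"]


if __name__ == "__main__":
    for finding in find_proxy_header_leaks(SAMPLE_CAPTURE):
        print(finding)
```

Any finding means the header is reaching browsers; stripping it from responses at the proxy removes the signal the post suspects MSIE of acting on.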

