RE: Penetrating a reverse proxy

From: Ivan Coric (
Date: 05/24/02

Date: Fri, 24 May 2002 09:58:49 +1000
From: "Ivan Coric" <>
To: <>, <>

Some more info on Rproxy's


>>> "David Cullen" <> 05/23/02 07:06am >>>
Hi Joe,

1)This article discusses the pros and cons of Reverse Proxy. Uses an Apache
Server for implementation purposes. The article may give you a few ideas:
A Reverse Proxy Is A Proxy By Any Other Name

2)Book: Web Proxy Servers, Ari Luotonen. ISBN: 0136806120

3)Vendor: CacheFlow.


-----Original Message-----
From: Joe McCray []
Sent: May 21, 2002 9:46 AM
Subject: Penetrating a reverse proxy

Having never dealt with attacking a reverse proxy, and just now
reading about the benefits of Reverse Proxy, and Secure Reverse
Proxy at:

Does anyone know of any good websites, books, or other material
that may be relevant for attempting to penetrate a database server
that is behind a Reverse Proxy. This concept of the reverse proxy
being able to:

Quote from the above website link-
If the content server returns an error message, the proxy server
can intercept the message and change any URLs listed in the
headers before sending the message to the client. This prevents
external clients from getting redirection URLs to the internal
content server.

I haven't been asked to attempt to penetrate the web proxy, but the
potential is there that I may be asked to attempt it in the
future. I'd like to know where I can do some reading on the

Joe McCray
CCNA, Windows 2000 MCSE

Sent via

Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times. This message may contain
privileged information directed only to the intended addressee/s.
Accidental receipt of this information should be deleted promptly
and the sender notified.

This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.