Re: Anyone encountered this with NetCache?
From: Jeremy Sanders (jsanders@newsouthfederal.com)Date: 07/30/01
- Previous message: Tony Lambiris: "WindowMaker bug"
- Maybe in reply to: Lincoln Yeoh: "Anyone encountered this with NetCache?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <sb6565f1.082@mail.newsouthfederal.com> Date: Mon, 30 Jul 2001 13:49:20 -0500 From: "Jeremy Sanders" <jsanders@newsouthfederal.com> To: <vuln-dev@securityfocus.com> Subject: Re: Anyone encountered this with NetCache?
>What I seemed to notice is that in an intercepted HTTP request, the
>_domain_ name in the request takes precedence over the actual destination
>IP address of original HTTP request packets.
>Has anyone else encountered this?
This is because transparent proxies strip traffic, either via ipchains, ipfilter,
wccp, route-maps, or some other routing trick. Some of these methods change
the destination address, others just change the next hop address. When the
packet is then delivered to the caching software it has the destination ip address
of the cache server. When the caching software gets the packet the only
clue it has as to what to get is the HTTP request header which is then backfilled
to either the wccp device or the original source address depending on the design.
Jeremy Sanders, CCNP CNE
Advanced Systems Engineer
New South Federal Savings Bank
- Previous message: Tony Lambiris: "WindowMaker bug"
- Maybe in reply to: Lincoln Yeoh: "Anyone encountered this with NetCache?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
