Re: Web Site Hacks

[Daniel Garcia <dgarcia () hollyfeld org>]

On Tue, 2 Dec 1997, Edward Cracknell wrote:
> a) The usual host OS exploits can result in changes being made to the
> web server. 
> ftp, telnet, smtp etc.

No problems here.

> Assuming the Web server is behind the firewall and only http is allowed:
> a) The ability to run cgi-bin scripts or html form processing in a way
> which will create an html page as output. (Many form-based pages take
> input and produce a page for output). As a result, it might be possible
> to create a page that contains a URL like: 
> <A HREF=telnet://target.system.behi nd.firewall> Click here </A>
> This would generally allow a telnet session from the web server to the
> target system and the firewall rules of ONLY http allowed through would
> not stop this.

No, no, no, and again no.  This would allow a telnet session from the
web CLIENT to the target system.  Web server's don't follow links - 
people (and their web browsers) do.  The reminds me of some of the sillyisms
I saw with gopher where people thought if they accessed a gopher site
through a link somewhere else, they were really accessing it through
that link somewhere else.

> c) Attacks made to the DNS parent of your web site (ISP) to 'point'
> traffic elsewhere

That's what you should be your own primary/secondary :)  (Or have access
to, trust your secondary)

Cheers,

--Dg