[Zope-dev] possible compromise
Jamie Heilman
jamie at audible.transient.net
Tue Oct 14 17:42:19 EDT 2003
Chris Pelton wrote:
> Yes, that's what I'm thinking happened here, but I need to verify that
> was the case. Are there any logs in zope that could help track this
> down, or a known configuration that would allow it to happen?
Several, the most common is people using mod_proxy incorrectly.
Look for a ProxyRequests directive in your Apache config, if it exists
and is on, chances are you have misconfigured Apache. Direct use of
mod_proxy's directives is never necessary to use Zope.
> Any ideas how someone might be able to tell Zope is running?
You mean how somebody could fingerprint you from the outside? Well
the Server header in the http response is the most obvious way, but
certainly not the only one, zope's fingerprint is very distinct
because of acquisition and its numerous management interfaces.
--
Jamie Heilman http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
-Frank Zappa
More information about the Zope-Dev
mailing list