[ZCM] [ZC] 360/ 1 Request "Zope should issue a 4xx on proxy attacks"

Collector: Zope Bugs, Features, and Patches ... zope-coders@zope.org
Mon, 22 Apr 2002 21:45:11 -0400


Issue #360 Update (Request) "Zope should issue a 4xx on proxy attacks"
 Status Pending, Zope/bug medium
To followup, visit:
  http://collector.zope.org/Zope/360

==============================================================
= Request - Entry #1 by datagrok on Apr 22, 2002 9:45 pm

Issuing a GET http://www.yahoo.com/ HTTP/1.1 to my zope server returns a 200 OK status along with my site's root page.

This makes proxy-attacking scripts think that I'm an open proxy, and they continue to issue queries to my server, attempting to exploit other sites. These queries fail because the paths do not exist on my server, but it is nonetheless annoying:

        24.43.108.245 - Anonymous [18/Apr/2002:14:08:26 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___tech___&passwd=butthead&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:14:32:12 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___tech___&passwd=dalee&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:15:03:57 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___tech___&passwd=flipper&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:15:06:12 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___alien___&passwd=ugly&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:15:13:57 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___alien___&passwd=waterboy&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:15:18:56 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___tech___&passwd=guest&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:16:09:48 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___alien___&passwd=?????????&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:16:20:39 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___asshole___&passwd=mundanes&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:16:57:47 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___asshole___&passwd=puffing&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:17:12:47 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___asshole___&passwd=sabrina&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:17:28:48 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___alien___&passwd=cristyn&n=1 HTTP/1.0" 404 2042 "" ""
        24.43.108.245 - Anonymous [18/Apr/2002:17:59:51 -0400] "GET http://edit.yahoo.com/config/ncclogin?.src=ym&login=___alien___&passwd=fishermen&n=1 HTTP/1.0" 404 2042 "" ""

Issuing a proxy request to a server that does not do proxying should result in a 4xx error.
==============================================================
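Added example (not Zope code, not part of the collector entry): the check an origin server that does not proxy would apply to the request-target, plus a pass over access-log lines in the format shown above to count proxy-style requests per client. HTTP/1.1 servers are required to parse absolute-form request-targets, so the check rejects only targets whose host the server does not serve; the served host names and the client IPs in the sample log are assumed placeholders, and the host comparison ignores the port.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in the reporter's access-log format. Client IPs are
# documentation-range placeholders, not the address from the report.
SAMPLE_LOG = """\
203.0.113.7 - Anonymous [18/Apr/2002:14:08:26 -0400] "GET http://edit.yahoo.com/config/ncclogin?n=1 HTTP/1.0" 404 2042 "" ""
203.0.113.7 - Anonymous [18/Apr/2002:14:10:01 -0400] "GET http://www.yahoo.com/ HTTP/1.1" 200 5120 "" ""
198.51.100.2 - Anonymous [18/Apr/2002:14:11:30 -0400] "GET /index_html HTTP/1.1" 200 5120 "" ""
198.51.100.2 - Anonymous [18/Apr/2002:14:12:00 -0400] "GET http://www.example.org/docs HTTP/1.1" 200 4096 "" ""
"""

# client ip, ident, user, [timestamp], "METHOD target PROTO"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) (\S+)"')


def is_absolute_form(target):
    """True when the request-target is a full URI (proxy style) rather than a path."""
    return target.startswith(("http://", "https://"))


def status_for_target(target, served_hosts):
    """Return the 4xx status a non-proxying origin server should send for this
    request-target, or None when the request should be served normally.
    Absolute-form targets naming one of our own hosts are still served."""
    if not is_absolute_form(target):
        return None
    host = (urlsplit(target).hostname or "").lower()  # port ignored (assumption)
    return None if host in served_hosts else 400


def proxy_requests_by_client(log_text, served_hosts):
    """Count absolute-form requests for hosts we do not serve, keyed by client IP.
    A client with many of these is running the kind of open-proxy probe reported above."""
    counts = {}
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        client, _method, target, _proto = m.groups()
        if status_for_target(target, served_hosts) is not None:
            counts[client] = counts.get(client, 0) + 1
    return counts


if __name__ == "__main__":
    for client, n in proxy_requests_by_client(SAMPLE_LOG, {"www.example.org"}).items():
        print(f"{client}: {n} proxy-style request(s) that should have received 400")
```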