[nsp-sec] amazon attack
Chris Morrow
morrowc at ops-netman.net
Fri Jun 6 16:23:32 EDT 2008
On Fri, 6 Jun 2008, Jose Nazario wrote:
> ----------- nsp-security Confidential --------
> it's designed to try to defeat UA-based filtering by having a small pool of
> UAs to chose from. however, notice that while it sends an HTTP/1.1 style
> header it announces itself with an HTTP/1.0 version. if you have any DPI/HTTP
> header filtering that may be a key to filter on (GET .... HTTP/1.0 ... host:
> ... pragma: no-cache)
being cautious that ... real clients could be just as messed up :( of
course.
More information about the nsp-security
mailing list