Microsoft
Software
Hardware
Network
Question : IIS 7 leaking private ip via https
Security scans are showing that we were leaking private IP addresses on our public web servers. We appear to have nailed that down with IIS 7 on port 80, but I guess port 443 is still showing the private IP address. Haven't been able to find much about this one other than the following link, but since we host quite a few sites on this server (many with their own certs), seems like this might not be what we're looking for. Any help would be appreciated...
http://blogs.msdn.com/b/mi
ke/archive
/2008/11/1
8/removing
-an-
iis-se
rver-s-ip-
address-fr
om-http-re
sponses.as
px
Answer : IIS 7 leaking private ip via https
Have a look at my comments here on the MS IIS forums:
http://forums.iis.net/t/11
68391.aspx
That should stop all the port 80 vulerabilities and likley the 443s although I have not checked this.
Random Solutions
Restore always causes "The tail of the log for the database "<DATABASENAME>" has not been backed up"
company.com and
www.company.com
I have a database trigger that I'd like to notify my ASP.NET program
Grouping rows to one line
company web calendar exprted to CSV and outlook
Track the time a procedure ran
Secure FTP in Java
Want to create 3 separte div ids
How to create a test SAN environment with ESX server
identifying why a crash occurred
