[techtalk] HELP! Webserver compromised?!?
Michelle Murrain
mpm at norwottuck.com
Thu May 3 08:46:10 EST 2001
On Thursday 03 May 2001 03:08 am, jenn at simegen.com wrote:
>
> You have the proxying module enabled. So yes, there is a proxying
> function in apache that you're unaware of. It's not compromised
> (well, not NECESSARILY compromised!), it's just that you left
> an exploitable function on. They're using your bandwidth to fetch
> pages for them.
OK, I'm going to risk sounding really ignorant here, especially as someone
who has been running web servers for several years.
I know about mod_proxy, and the general idea of proxy servers, etc. But how
does it make any sense in terms of saving bandwidth, for me, for example, to
relay through a different server, to fetch web pages? The web pages and
associated files are the same size, whether I get them through another server
or on my own, and so I'm using the same bandwidth to retrieve the files.
Further, it would inevitably be slower to get those pages, since I'm going
through another server.
What am I missing?
I do see, for privacy issues, using someone elses servers to fetch pages -
there would be ways I guess to hide the actual URLs of the pages fetched. But
otherwise, I don't get it.
Michelle
--
------------
Michelle Murrain, Ph.D.
President
Norwottuck Technology Resources
mpm at norwottuck.com
http://www.norwottuck.com
More information about the Techtalk
mailing list