So, now we get to the transparent proxy.
Up until recently they all performed DNS on the HTTP listed domain and
most redirected the request to the actual destination. So that a) the
"All" here is simply not correct.� There are many transparent proxy products which use the IP address that the connection was originally destined for rather than resolving the hostname in the Host header. � On some this is configurable, on others it's the only way they operate.
Recently there have been proof-of-concept and zero-day attacks using
http://www.kb.cert.org/vuls/id/435052 so the proxy behaviour is
changing. Some are re-writing the URL and Host: headers to raw IPs and
passing it through (bye-bye virtual hosting), some are passing the
Can you provide even a single example of a transparent proxy changing a Host header to be that of an IP?� Not only would that be a completely violation of the RFC, it would also break the vast majority of websites on the Internet.
�
others are validating
the destination + headers and throwing up attack notices if they don't
match.
Even that would break more often than it would work so I can't see any worthwhile proxy vendor using it as an approach - Akamai and the like being the most obvious example of where it would fail.
�
� Scott.