| asmizer 2007-11-16, 1:39 pm |
|
"Ken Schaefer" wrote:
> "asmizer" <asmizer@discussions.microsoft.com> wrote in message
> news:8D0A3C8F-472A-4382-AE0D-A0CAAB1088F9@microsoft.com...
>
> If yoursite.com does not resolve to the IP address, why is the browser even
> making the request to your webserver (except possibly to log spam in your
> logfiles)
>
> IIS will match incoming requests to sites from the most specific to the
> least specific bindings.
>
> If you have a site that listens on "all unassigned" and has no host header,
> it will get all requests that can not be routed to a more specific site.
>
> Cheers
> Ken
>
>
The incomming packet is intentionaly malformed. Why? I assume it is an
attempt to probe for some vulnerability in the web server or to learn if the
server is configured for host header checking (an inteligence gathering
probe?).
So the incomming packet which is addressed by IP to the server has a host
header which will essenntially be ignored by the default IIS configuration.
Is it then safe to assume that IIS treats this connection request tha same as
if it had come in with mysite.com instead of yourstie.com? The server result
being to hand back the "default" home page for mysite.com?
|