http 到 https 端口转发是漏洞吗?
[英]Is http to https port forwarding a vulnerability?
问题描述
I work in an organisation where a TMG server with port forwarding has been used successfully for a number of years to forward all http traffic to https for a particular web application.
我在一个组织中工作,其中具有端口转发功能的 TMG 服务器已成功使用多年,将所有 http 流量转发到 https,用于特定的 web 应用程序。 This meant that http or https would work on URLs for that web application.这意味着 http 或 https 将适用于该 web 应用程序的 URL。
Recently this was seen as a security risk and http is no longer being advertised.最近这被视为一种安全风险,并且不再宣传 http。 For users this has caused an issue where all the links they had which were originally http no longer work and they are having to update all their links to https.对于用户来说,这导致了一个问题,他们原来拥有的所有链接 http 不再有效,他们必须将所有链接更新到 https。
I can't quite figure out what the vulnerability is, and if someone could shed some knowledge I would really appreciate it.我不太清楚这个漏洞是什么,如果有人能透露一些知识,我将不胜感激。
How I understand it, there are 2 paths http and https.我的理解是,有 2 条路径 http 和 https。 The TMG server essentially acts as the gatekeeper that sits in front of the organisations network and forces all http traffic down the https route instead, so at no point is there any http traffic into the network. TMG 服务器本质上充当了位于组织网络前面的看门人,并强制所有 http 流量通过 https 路由,因此绝不会有任何 Z80791B3AE7002CB88C246876D9FAA8 流量进入网络。
Thanks in advance.提前致谢。
1 个解决方案
解决方案1
0 2020-07-22 09:15:34
I used the security stack exchange site as suggested by Guy Incognito which provided great explanations.我使用 Guy Incognito 建议的安全堆栈交换站点,它提供了很好的解释。 https://security.stackexchange.com https://security.stackexchange.com
See my post here: https://security.stackexchange.com/questions/234742/is-http-to-https-port-forwarding-a-vulnerability/234751#234751在这里查看我的帖子: https://security.stackexchange.com/questions/234742/is-http-to-https-port-forwarding-a-vulnerability/234751#234751
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.