One of the vulnerabilities we had to fix on a recent project was an internal IP address disclosure: when IIS answered a web request by pointing the client at another page (the Content-Location header that IIS 6.0 adds to a default-document response, for example), the URL it built used the server's internal IP address instead of its hostname. Here is how it got fixed.
The fix follows the Microsoft support article “FIX: IP address is revealed in the content-location field in the TCP header in IIS 6.0” [1]. Despite the article's title, Content-Location is an HTTP response header, not part of the TCP header; what leaks is the host part of the URL in that header. Follow these steps to set the SetHostName property in IIS, so that the hostname chosen by the system administrator appears in the response header instead of the internal IP address.
- Click Start, click Run, type cmd, and then click OK to open a command prompt.
- Change to the folder where the Adsutil.vbs tool is located. By default this is %SYSTEMROOT%\Inetpub\AdminScripts.
- Type the following command, where x is the site identifier and hostname is the alternate host name that you want clients to see:
  cscript adsutil.vbs set w3svc/x/SetHostName hostname
- The site identifier x can be looked up in the IIS MMC snap-in; see [2] for how to find it. It can also be listed from the same command prompt with cscript adsutil.vbs enum /p w3svc, and cscript adsutil.vbs get w3svc/x/ServerComment shows which site a given identifier belongs to. Repeat the set command for every site that is reachable from outside.
- Afterwards, request the default document of the site (for example GET / from a client that does not send a Host header) and confirm that the Content-Location header now carries the hostname you set rather than an IP address.
If setting the property has no effect, the server may be missing the fix described in the support article, which is what makes IIS 6.0 honour SetHostName. Install the latest service pack for Windows Server 2003 and then restart the computer before trying the steps again.
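To confirm the fix took effect, or to find the same exposure on other hosts, the following Python example is added here; it is not part of the original post or of Microsoft's article. It parses an HTTP response and flags a Content-Location or Location header whose host is an IP literal rather than a name. The two sample responses are constructed, and the probe() function assumes that a request without a Host header is the request shape that exposes the leak on an unpatched server.

```python
import http.client
import ipaddress
from urllib.parse import urlsplit

# Constructed sample responses (not captured from a real server) showing the
# default-document response before and after SetHostName is applied.
LEAKING_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/6.0\r\n"
    "Content-Location: http://10.0.0.12/Default.htm\r\n"
    "Content-Type: text/html\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
FIXED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/6.0\r\n"
    "Content-Location: http://www.example.com/Default.htm\r\n"
    "Content-Type: text/html\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Headers that carry an absolute URL built by the server. Location is checked
# as well, because redirects are the other place a server-chosen host appears.
HEADERS_TO_CHECK = ("content-location", "location")


def parse_headers(raw_response):
    """Return the headers of a raw HTTP response as (lower-name, value) pairs."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:          # skip the status line
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def host_is_ip_literal(url):
    """True when the URL's host is an IPv4 or IPv6 literal rather than a name."""
    host = urlsplit(url).hostname          # None for relative URLs such as "/dir/"
    if not host:
        return False
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def find_ip_leaks(header_pairs):
    """Return the (header, value) pairs that point the client at an IP literal."""
    return [(name, value) for name, value in header_pairs
            if name in HEADERS_TO_CHECK and host_is_ip_literal(value)]


def check_raw(raw_response):
    """Run the check over a raw response string."""
    return find_ip_leaks(parse_headers(raw_response))


def probe(server, port=80, path="/", send_host_header=False):
    """Live check against a server you are authorised to test.

    By default the request omits the Host header, as an HTTP/1.0 client would;
    this is assumed to be the request shape that leaves IIS with no
    client-supplied host name to echo back. Returns the leaking headers, if any.
    """
    conn = http.client.HTTPConnection(server, port, timeout=10)
    conn.putrequest("GET", path, skip_host=True, skip_accept_encoding=True)
    if send_host_header:
        conn.putheader("Host", server)
    conn.endheaders()
    resp = conn.getresponse()
    pairs = [(name.lower(), value.strip()) for name, value in resp.getheaders()]
    resp.read()
    conn.close()
    return find_ip_leaks(pairs)


if __name__ == "__main__":
    print("before fix:", check_raw(LEAKING_RESPONSE))
    print("after fix: ", check_raw(FIXED_RESPONSE))
```

Run probe("your-server") before and after applying SetHostName: an empty list means neither header exposes an address. A relative Location such as "/dir/" is ignored, since it names no host at all.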
References:
[1] Microsoft Support: “FIX: IP address is revealed in the content-location field in the TCP header in IIS 6.0”.
[2] Chris Crowe’s Blog: “IIS Web Site Identifiers”.
