Website log file security question: Can a browser client create an offsite GET entry?

Discussion in 'other security issues & news' started by Devinco, Apr 2, 2006.

Thread Status:
Not open for further replies.
  1. Devinco

    Devinco Registered Member

    Jul 2, 2004
    I've searched for answers to no avail, maybe someone could shed some light on this technical web log file analysis question?

    In looking at a raw web log, I've come across an unusual entry. (some info has been changed): - - [15/Mar/2006:12:00:00 -0500] "GET HTTP/1.1" 200 3545 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

    Note the part: GET

    Normally this section shows a page that has been requested by the browser that is ON the website (like /index.html). But in this case, a GET request has been logged for a completely different domain. This is not the referring domain, it is the requested domain.
    Is it possible for a browser (or a client posing as a browser) to generate a GET request in the log for a website/page that is not even on the server?
    How is that done?
    Is there a way to prevent it?
Thread Status:
Not open for further replies.