Hi

I was wondering if any of your deployed LPS applications have been causing problems with Norton Internet Security 2004?

We have an application that users are complaining about gettings a URL_Directory_Traversal attack because "A computer with the IP address of 127.0.0.1 sent information that is characteristic of a URL_Directory_Traversal attack."

Just wondering if you guys had any idea what is causing this and what the appropriate fix would be.

Thanks

Is this something you see as a developer developing a laszlo app, or as an end user just using an app ? I ask because the address 127.0.0.1 is the local loopback, so it implies you are running the web server and client on the same machine. If you click on a random directory on the web server, it will enumerate the files in the directory, which might be what that Norton program is seeing.

This is not in our development environments, but on a live site that we have deployed. I've searched and haven't found anything that would be referencing the 127.0.0.1 IP address so it is wierd that we see it in the alert.

Any more suggestions on what might be causing this?

Thanks!

Just a thought:-

Is the machine serving the app run behind another server, Apache etc - only reason I can think of for loopback address appearing.

HTH,

Ken

Seems like Norton's updated recently and at least for me it seems to work ok now...

Same here - I just downloaded & installed Norton Internet Security 2004 and had no problems.

-Antun