Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Non-ASCII bytes detected in HTTP
  •  
labo@dicoms.it

Messages: 1
Karma: 0
Send a private message to this user
In my lan some users have installed the application skype for
accessing to voice over ip and now in the security log of kerio winroute firewall, there is
this note "HTTP: Non-ASCII bytes detected in HTTP request: client: 192.168.39.12, server: 69.151.152.37".
what it means?
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Well, it means that there were non-ASCII bytes detected in a HTTP request Very Happy

Regular HTTP requests should only contain ASCII characters, so bytes that do not represent ASCII characters in HTTP requests are odd. Not neccesarily an issue though. You may ignore this warning.

Are you running the newest KWF? See this release note in v6.2.1:
Quote:

Version 6.2.1 - May 3, 2006
- fixed handling of HTTP/0.9 responses
(this caused false positives of binary characters in HTTP headers)
  •  
bronco

Messages: 131
Karma: 1
Send a private message to this user
The problem is still there because I have the same issue. I found out that it is being caused in our case by users that are using Skype on the network. If you configure Skype to use HTTPS it will starting to generate these messages.

So check if someone is using Skype or similar product. Try switching the product off and check again. If it is gone you know it will be Skype. I mentioned this to Kerio Support and they said it is a Skype problem and I should take it up with Skype. Confused
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Try changing the DetectMaliciousHeaders setting in the winroute.cfg to 0.

<table name="ProxyHTTP">
...
<variable name="DetectMaliciousHeaders">0</variable>
...
</table>
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
feite wrote on Fri, 16 June 2006 20:23

Try changing the DetectMaliciousHeaders setting in the winroute.cfg to 0.

<table name="ProxyHTTP">
...
<variable name="DetectMaliciousHeaders">0</variable>
...
</table>




This will lower the level of protection on HTTP provided by KWF. So please consider all consequences.
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Yes it does. But if you need the connection this is an option. It would be nice to make this option connection specific.
Previous Topic: Can't do Outbound VPN or RDP (Remote Desktop)
Next Topic: HTTPS Problem
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 13:01:06 CET 2017

Total time taken to generate the page: 0.00442 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.