Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering

From: Gus (angusat_private)
Date: Tue Oct 13 1998 - 03:18:23 PDT

Next message: Lincoln Stein: "Re: Referer (was Patches for wwwboard.pl)"

Previous message: Mnemonix: "A wee caveat - the freeware WAR-ftp server (most versions)"
Next in thread: Peter van Dijk: "Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So to summarise:

"Proxy servers can be abused. Ensure that only authorised users can
connect"

Exactly how you do this will depend on your circumstances and software.
Binding the server to the inward-facing NIC in a 'bastion host' config,
ensuring access control features are enabled by default if you are a
vendor and blocking inward traffic to proxy port if you run a firewall or
filtering router.

Perhaps Squid's "X-Forwarded-For: " header is a solution that could be
applied for situations where limiting the access to the server is not a
viable proposition.

A portscanner that bounces through a proxy server, in the style of the
ftp 'bounce' attack is at http://www.intasys.com/~angus/pbs.c

It goes without saying that 90% of "ftp bounce attack" code will only need
very small mods to be used on a WWW proxy.

Regards
        Gus

--
                                angusat_private

Next message: Lincoln Stein: "Re: Referer (was Patches for wwwboard.pl)"
Previous message: Mnemonix: "A wee caveat - the freeware WAR-ftp server (most versions)"
Next in thread: Peter van Dijk: "Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:19:21 PDT