Re: Tunnel ports allowed on NetApp NetCaches

From: Adrian Chadd (adrianat_private)
Date: Thu Jul 05 2001 - 22:52:09 PDT

Next message: Sander Steffann: "Re: [BUGTRAQ] php breaks safe mode"

Previous message: Ram'on Reyes Carri'on: "Re: poprelayd and sendmail relay authentication problem (Cobalt Raq3)"
In reply to: Kevin O'Brien: "RE: Tunnel ports allowed on NetApp NetCaches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 05, 2001, Kevin O'Brien wrote:

[snip]

> If you have +all you will want to look through your logs for anything using
> the CONNECT method instead of GET to see what ports outside people connected
> to.  Fortunately, we only saw ports 443 and 25 to hosts outside our network.
> 
> BTW, I contacted NetApp on Friday about this and they are still trying to
> write a Field Alert to their customers...and I thought M$ was slow.

This has been a known problem in the squid camp for
a long time now. I believe the ircache caches had HTTP CONNECT
disabled for this exact reason.

In fact, the squid default configuration denies HTTP CONNECT
to target ports other than 443/563.

Adrian

-- 
Adrian Chadd			Yeah, for me its (XML) like the movie Titanic.
<adrianat_private>	  Everybody loves it.
				    I want to be different, so I hate it.
					--Duane Wessels

Next message: Sander Steffann: "Re: [BUGTRAQ] php breaks safe mode"
Previous message: Ram'on Reyes Carri'on: "Re: poprelayd and sendmail relay authentication problem (Cobalt Raq3)"
In reply to: Kevin O'Brien: "RE: Tunnel ports allowed on NetApp NetCaches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jul 06 2001 - 11:51:13 PDT