Re: Non-standard usage of HTTP proxy servers

From: Philip Stoev (philipat_private)
Date: Mon Oct 22 2001 - 09:08:59 PDT

Next message: Jay D. Dyson: "Sun Security Bulletin #209"

Previous message: bugzillaat_private: "[RHSA-2001:113-03] New squid packages available to fix FTP-based DoS"
In reply to: Alexander Yurchenko: "Non-standard usage of HTTP proxy servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Using Squid, one can do

acl Safe_ports port 80 81 21 443 563 70 210 1025-65535
http_access deny !Safe_ports

to prevent that attack. It is well documented in squid.conf and is turned on
by default, I believe

Philip

----- Original Message -----
From: "Alexander Yurchenko" <grangeat_private>
To: <bugtraqat_private>
Sent: Monday, October 22, 2001 3:34 AM
Subject: Non-standard usage of HTTP proxy servers


> It's possible to connect to one of the
> numerous public HTTP proxy servers and send a request like:
>
> POST http://some.host:25/ HTTP/1.0
>
> giving the SMTP commands as a content.

Next message: Jay D. Dyson: "Sun Security Bulletin #209"
Previous message: bugzillaat_private: "[RHSA-2001:113-03] New squid packages available to fix FTP-based DoS"
In reply to: Alexander Yurchenko: "Non-standard usage of HTTP proxy servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 22 2001 - 10:42:29 PDT