Re: Malicious use of grc.com

From: Chris (chrisbat_private)
Date: Tue Nov 27 2001 - 15:59:39 PST

Next message: Anthony Kim: "Re: Synaptics TouchPad, strange packets."

Previous message: Marcus Blankenship: "RE: Synaptics TouchPad, strange packets."
In reply to: Jay D. Dyson: "Re: Malicious use of grc.com"
Next in thread: Festive: "Re: Malicious use of grc.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 27 Nov 2001 10:09:59 -0800, H C wrote:

>> Not necessarily.  There are a vast number of
>> misconfigured proxies
>> available on the 'net that would afford a malicious
>> outsider ample
>> opportunity to do their dirty work without betraying
>> their point of
>> origin.  This negates the immediacy of any audit
>> trail and exacerbates the
>> severity of Gibson's oversight.
>
>For a port scan?  Really?

Hi,

Find just about any out of the box proxy setup and you will be able 
to check things like http://host:1/ http://host:1234/ etc

I think squid is about the only one that blocks this misuse by 
default? Could be wrong about that one though.. More could restrict 
ports by default these days..

Regards
-- 
Chris, chrisbat_private on 28/11/2001

Next message: Anthony Kim: "Re: Synaptics TouchPad, strange packets."
Previous message: Marcus Blankenship: "RE: Synaptics TouchPad, strange packets."
In reply to: Jay D. Dyson: "Re: Malicious use of grc.com"
Next in thread: Festive: "Re: Malicious use of grc.com"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Nov 27 2001 - 17:31:53 PST