On Tue, 27 Nov 2001 10:09:59 -0800, H C wrote: >> Not necessarily. There are a vast number of >> misconfigured proxies >> available on the 'net that would afford a malicious >> outsider ample >> opportunity to do their dirty work without betraying >> their point of >> origin. This negates the immediacy of any audit >> trail and exacerbates the >> severity of Gibson's oversight. > >For a port scan? Really? Hi, Find just about any out of the box proxy setup and you will be able to check things like http://host:1/ http://host:1234/ etc I think squid is about the only one that blocks this misuse by default? Could be wrong about that one though.. More could restrict ports by default these days.. Regards -- Chris, chrisbat_private on 28/11/2001
This archive was generated by hypermail 2b30 : Tue Nov 27 2001 - 17:31:53 PST