[18087] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: backbone transparent proxy / connection hijacking

daemon@ATHENA.MIT.EDU (Rob Quinn)
Fri Jun 26 16:32:26 1998

Date: Fri, 26 Jun 1998 07:52:58 -0400
From: Rob Quinn <rquinn@sprint.net>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.3.95.980625160210.723l-100000@tarkin.fdt.net>; from Jon Lewis on Thu, Jun 25, 1998 at 04:11:18PM -0400

> [...] playing with transparent proxying [...]
> [...] We've got customers with web sites that are broken now because they
> can't communicate with things like Cybercash [...]

 The transparent proxy from one of our firewall vendors wasn't able to
handle connections to Cybercash. Analysis showed that Cybercash was
doing a half-close on their end of the socket, which the proxy took as
a full-close, ending the session.

 Perhaps that's a common mistake?

-- 
| Opinions are _mine_, facts                                     Rob Quinn |
| are facts.                                                 (703)689-6582 |
|                                                        rquinn@sprint.net |
|                                                Sprint Corporate Security |

home help back first fref pref prev next nref lref last post