[57863] in North American Network Operators' Group
Re: Open relays and open proxies
daemon@ATHENA.MIT.EDU (Jack Bates)
Fri Apr 25 10:46:32 2003
Date: Fri, 25 Apr 2003 09:48:15 -0500
From: Jack Bates <jbates@brightok.net>
To: Daniel Concepcion <dani@danielcp.net>
Cc: John Payne <john@sackheads.org>, NANOG <nanog@merit.edu>
In-Reply-To: <200304251631.34016.dani@danielcp.net>
Errors-To: owner-nanog-outgoing@merit.edu
Daniel Concepcion wrote:
>
> The big problem in dDoS are the smurf, virus and trojans. Generally every
> machine infected have an open proxy. But the open proxy itself isn't
> dangerous. They are only use as intermediate hop for attack machines or
> control other trojans.
>
This is true for dDoS, but service denial is only one security concern.
The proxies are often used to a) cloak originating source during
dictionary and exploit attempts and b) circumvent security when the
system with the proxy happens to be a "trust" system (it does happen).
-Jack
