[7246] in bugtraq
Re: socks5 1.0r5 buffer overflow..
daemon@ATHENA.MIT.EDU (Jim Dennis)
Mon Jul 13 15:59:05 1998
Date: Mon, 13 Jul 1998 02:30:57 -0700
Reply-To: Jim Dennis <jimd@STARSHINE.ORG>
From: Jim Dennis <jimd@STARSHINE.ORG>
X-To: Zach Brown <zab@zabbo.net>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.95.980710112215.21615D-100000@thebrain> Message
Apparently From Zach Brown <zab@ZABBO.NET> Dated Fri, 10 Jul 1998
11:43:55 PDT.
> We on the LSAT have also been poking around code that people are
> likely to be running on linux boxen. At work I was asked to install
> socks5 on our gateway boxes and thought it would be a good idea to
> make sure it was ship shape. I was quite impressed with the careful
> coding, till I ran across this one foul up in lib/log.c:
Has anyone on this list looked at the DeleGate code?
(it provides SOCKS compatible proxying which is also
accessible by non-SOCKS clients in a way that is similar
to the user-driven TIS FWTK proxies).
The URL for DeleGate is: http://wall.etl.go.jp/delegate/
... and it seems to be under a much less restrictive
license (BSD'ish? GPL?) than NEC SOCKS.
So far I've shied way from NEC SOCKS since I don't understand
their license. My concern about DeleGate is whether that
no one ever talks about it --- so I don't know if the code has
received sufficient scrutiny.
Maybe if LSA looked it over, RH and/or Debian could adopt this
as a default applications proxy for their distributions. I
think we still need one since IP masquerading still doesn't
seem to do as well on FTP as I'd like.
--
Jim Dennis (800) 938-4078 consulting@starshine.org
Proprietor, Starshine Technical Services: http://www.starshine.org
