[8187] in bugtraq
Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering
daemon@ATHENA.MIT.EDU (Gus)
Tue Oct 13 14:42:04 1998
Date: Tue, 13 Oct 1998 11:18:23 +0100
Reply-To: Gus <angus@INTASYS.COM>
From: Gus <angus@INTASYS.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199810090546.HAA22037@champagne.edelweb.fr>
So to summarise:
"Proxy servers can be abused. Ensure that only authorised users can
connect"
Exactly how you do this will depend on your circumstances and software.
Binding the server to the inward-facing NIC in a 'bastion host' config,
ensuring access control features are enabled by default if you are a
vendor and blocking inward traffic to proxy port if you run a firewall or
filtering router.
Perhaps Squid's "X-Forwarded-For: " header is a solution that could be
applied for situations where limiting the access to the server is not a
viable proposition.
A portscanner that bounces through a proxy server, in the style of the
ftp 'bounce' attack is at http://www.intasys.com/~angus/pbs.c
It goes without saying that 90% of "ftp bounce attack" code will only need
very small mods to be used on a WWW proxy.
Regards
Gus
--
angus@intasys.com
