[8223] in bugtraq


Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering

daemon@ATHENA.MIT.EDU (Kevin Way)
Thu Oct 15 14:54:47 1998

Date: 	Wed, 14 Oct 1998 13:46:00 -0400
Reply-To: Kevin Way <kevin@RESEARCH-INC.COM>
From: Kevin Way <kevin@RESEARCH-INC.COM>
X-To:         Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19981013230844.E4866@attic.vuurwerk.nl>

> Very untrue. Look at this:
> [hardbeat@haarlem hardbeat]$ telnet proxy 8080
> Trying 194.178.232.18...
> Connected to rotterdam.vuurwerk.nl.
> Escape character is '^]'.
> POST http://telnet:23/ HTTP/1.0
>
This seems to me to just be a poorly configured proxy server.  The
following ACLs take care of that problem nicely, on Squid anyway.

acl SSL_ports port 443 563
acl Safe_ports port 80 21 70 1025-5999 6011-65535
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
http_access deny !Safe_ports

This would seem to me a simple and proper way to stop that problem nicely
with Squid.

Kevin Way
System Administrator
ReSearch Inc.
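
Added example, not part of the original message and not Squid's own code: a small Python model of how the two http_access deny lines above treat a proxy request, checked against the quoted `POST http://telnet:23/` and a few constructed request lines. The first-match evaluation, the default-port table and the helper names are assumptions of this sketch.

```python
from urllib.parse import urlsplit

# Port ACLs copied from the message above, as inclusive (low, high) ranges.
SSL_PORTS = [(443, 443), (563, 563)]
SAFE_PORTS = [(80, 80), (21, 21), (70, 70), (1025, 5999), (6011, 65535)]
# Assumed default ports for URLs that carry no explicit port.
DEFAULT_PORTS = {"http": 80, "ftp": 21, "gopher": 70, "https": 443}


def in_ranges(port, ranges):
    return any(lo <= port <= hi for lo, hi in ranges)


def dest_port(method, target):
    """Destination port of a proxy request line (CONNECT targets are host:port)."""
    if method.upper() == "CONNECT":
        return int(target.rsplit(":", 1)[1])
    url = urlsplit(target)
    return url.port or DEFAULT_PORTS[url.scheme]


def check(method, target):
    """First-match evaluation of the two deny lines.

    Returns the rule that denies the request, or None when neither rule
    matches and the decision falls to later http_access lines.
    """
    port = dest_port(method, target)
    if method.upper() == "CONNECT" and not in_ranges(port, SSL_PORTS):
        return "deny CONNECT !SSL_ports"
    if not in_ranges(port, SAFE_PORTS):
        return "deny !Safe_ports"
    return None


# Constructed request lines; the first is the one quoted in the message.
SAMPLES = [
    ("POST", "http://telnet:23/"),
    ("CONNECT", "telnet:23"),
    ("GET", "http://www.example.com/"),
    ("GET", "http://www.example.com:6000/"),
    ("CONNECT", "www.example.com:443"),
]

if __name__ == "__main__":
    for method, target in SAMPLES:
        print(f"{method:8}{target:32}{check(method, target) or 'not denied here'}")
```

In this model a CONNECT to port 443 passes the first line but is caught by the second, because 443 and 563 do not appear in the Safe_ports list as posted.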
