Home page logo

basics logo Security Basics mailing list archives

Re: bypassing proxy
From: Nick Owen <nickowen () mindspring com>
Date: Mon, 26 Feb 2007 11:32:59 -0500

nawalmiftahi () gmail com wrote:
Hii all, i am a security admin with a financial instituation, there's
one issue which i would like to clarify , one of our user needs to
access a website ( a financial instituation) which he access by
giving his username and password+secureid, but the problem here is
when he try to access via a proxy (isa server) he's not able to
access the above page, and when the proxy is removed he's able to
acces the page, the question i wanted to ask you is what is the
security issue if allowed by bypassing the proxy or are there
anyalternative , and if at all proxy is bypassed , firewall is
anywhere there at gateway, and all our port blocking is at firewall
and this proxy is used only for log collection and some other stuff,
 your early reply is highly appreciated . Regards

Chances are that you need to enable authentication caching on the ISA
server.  Web-apps often request authentication for each request.  A page
can be a lot of requests, obviously, and on the second request the
one-time passcode is no longer valid.  I have used imaproxy to
accomplish this on webmail and memcached for apache + mod-radius with
WiKID OTPs, but I have no experience with ISA, so I cannot make any
specific recommendations there.



Nick Owen
WiKID Systems, Inc.
Commercial/Open Source Two-Factor Authentication

This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]