Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: [NTSEC] By-passing MS Proxy 2.0 and others packet filtering
From: kevin () RESEARCH-INC COM (Kevin Way)
Date: Wed, 14 Oct 1998 13:46:00 -0400


Very untrue. Look at this:
[hardbeat () haarlem hardbeat]$ telnet proxy 8080
Trying 194.178.232.18...
Connected to rotterdam.vuurwerk.nl.
Escape character is '^]'.
POST http://telnet:23/ HTTP/1.0

this seems to me to just be a poorly configured proxy server.  the
following acl's take care of that problem nicely, on squid anyway.

acl SSL_ports port 443 563
acl Safe_ports port 80 21 70 1025-5999 6011-65535
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
http_access deny !Safe_ports

this would seem to me a simple, and proper way to stop that problem nicely
with squid.

Kevin Way
System Administrator
ReSearch Inc.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]