Open relays and open proxies

John Payne john at sackheads.org
Thu Apr 24 19:55:30 UTC 2003


--On Thursday, April 24, 2003 12:16 PM -0700 Will Yardley 
<william+nanog at hq.dreamhost.com> wrote:

>
> On Thu, Apr 24, 2003 at 02:11:12PM -0500, Adi Linden wrote:

>> Is there an accepted way of blocking open proxy and open relay traffic
>> at the network edge?
>
> The obvious way would be to block the commonly abused ports...
> presumably, you will have very few customers who actually need to have
> port 1080, 3128, 8080, or whatever open. Obviously, I can't say whether
> this would be effective for your particular application.

This list of "commonly abused ports" is ever increasing.  Might as well 
block everything and let through specific stuff if you're going down that 
path.


> Also, you could consider running proactive scans on your network with
> available proxy-checking tools.
>
> I use proxycheck to manually check hosts for open proxies
> (http://www.corpit.ru/mjt/proxycheck.html)... you could script this
> (or a similar tool) and run scans of your entire network.

That's what I would suggest.  You could also reactively test your customers 
when they make a connection to your webserver or mailserver.
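
The trade-off discussed in this thread, as an added example that is not part of the original messages: a blocklist of "commonly abused ports" compared with default deny plus specific exceptions, evaluated over constructed inbound flows. Only ports 1080, 3128 and 8080 come from the thread; the address ranges, the allowlist entries and the flows are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Assumed values for this sketch; only the three ports are from the thread.
CUSTOMER_NET = ip_network("192.0.2.0/24")     # hypothetical customer range
ABUSED_PORTS = {1080, 3128, 8080}             # ports named in the thread
ALLOWED = {                                   # hypothetical registered services
    ("192.0.2.10", 25),
    ("192.0.2.20", 8080),
}

# Constructed inbound flows: (destination, destination TCP port, description)
FLOWS = [
    ("192.0.2.10", 25, "registered customer mail server"),
    ("192.0.2.20", 8080, "registered customer web app"),
    ("192.0.2.33", 3128, "open proxy on a listed port"),
    ("192.0.2.34", 8000, "open proxy on an unlisted port"),
    ("192.0.2.35", 81, "open proxy on an unlisted port"),
]

def blocklist_permits(dst, port):
    """Permit everything toward customers except the listed ports."""
    return not (ip_address(dst) in CUSTOMER_NET and port in ABUSED_PORTS)

def allowlist_permits(dst, port):
    """Deny everything toward customers except registered services."""
    return ip_address(dst) not in CUSTOMER_NET or (dst, port) in ALLOWED

def evaluate(policy):
    """Return the (destination, port) pairs the policy lets through."""
    return [(dst, port) for dst, port, _desc in FLOWS if policy(dst, port)]

def report(policy):
    """Return one line per flow with the policy's verdict."""
    return [
        f"{'PERMIT' if policy(dst, port) else 'DENY  '} {dst}:{port}  {desc}"
        for dst, port, desc in FLOWS
    ]

if __name__ == "__main__":
    for name, policy in (("blocklist", blocklist_permits),
                         ("default deny", allowlist_permits)):
        print(f"--- {name} ---")
        print("\n".join(report(policy)))
```

The blocklist both misses the proxies listening on unlisted ports and cuts off the registered service on 8080; default deny does neither, at the cost of maintaining the exception list.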



