[Dshield] Open proxy servers again on the rise.
Johannes B. Ullrich
jullrich at sans.org
Thu Aug 21 22:35:45 GMT 2003
> The simple way would be to use a Crunchbox,
> it does that automatically as long as a snort
> rule exists that would detect it.
hehe. I would like to see that snort rule. Proxy servers come in many
different shapes. In paritcular if you have someone use a transparent
proxy, chances are the only way to find out is by looking at all the
traffic going to a particular target IP.
Best way to avoid proxies is to setup your own (e.g. Squid).
See the discussion for a few days ago for details.
SANS - Internet Storm Center
PGP Key: http://isc.sans.org/jullrich.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.dshield.org/pipermail/list/attachments/20030821/808d478d/attachment.bin
More information about the list