[Dshield] Open proxy servers again on the rise.

John D. lists at webcrunchers.com
Fri Aug 22 09:11:40 GMT 2003

>Attachment converted: Macintosh HD:Untitled 177 (MiME/CSOm) (000B79D3)
>*** PGP Signature Status: not verified (signing key missing)
>*** Signer: 0x826F07FC
>*** Signed: N/A at N/A
>*** Verified: 2003-08-22 at 2:08 AM
>> The simple way would be to use a Crunchbox,  
>> it does that automatically as long as a snort
>>  rule exists that would detect it.
>hehe. I would like to see that snort rule. Proxy servers come in many
>different shapes. In paritcular if you have someone use a transparent
>proxy, chances are the only way to find out is by looking at all the
>traffic going to a particular target IP.

Snort rule is published in the snort site,  plus I gave out a URL earlier
with the appropriate snort rules.
>Best way to avoid proxies is to setup your own (e.g. Squid).
>See the discussion for a few days ago for details.

I read that,  but no reference was given about details on "Squid"


More information about the list mailing list