Bugtraq mailing list archives
Re: Non-standard usage of HTTP proxy servers
From: Keith Young <kyoung () v-one com>
Date: Mon, 22 Oct 2001 11:48:49 -0400
Alexander Yurchenko wrote:
I'm sorry if the following things are well-known and not interesting for you. The HTML form protocol attack method described by Jochen Topf <jochen () remote org> in his post to BugTraq (http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2001-10-17&end=2001-10-23&threads=0&mid=20010815092019.A938 () atlantis remote org) can be used in another way. It's possible to connect to one of the numerous public HTTP proxy servers and send a request like: POST http://some.host:25/ HTTP/1.0 giving the SMTP commands as a content. In that way we can send an e-mail anonymously and trick diffrent DNS black lists. I've attached a simple perl script showing this technique. We can also do the same things using the others ASCII based protocols. Some proxy servers configured to refuse attempts to connect to such ports as SMTP, NNTP, POP3, etc, but many of them not. So HTTP proxy servers can do more than just retrieving HTML pages.
This has been known for a while; in fact, I added this to the FWTK FAQ several years ago:
http://www.fwtk.org/fwtk/faq/faq.html#2.4.13Other proxy server may be different, so you will want to verify this with your vendor.
As with any good firewall configuration, the destination host/port of the connection is just as important as the source.... :-)
-- --Keith Young -kyoung () v-one com
Current thread:
- Non-standard usage of HTTP proxy servers Alexander Yurchenko (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Keith Young (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Philip Stoev (Oct 22)