Penetration Testing mailing list archives
Re: [PEN-TEST] Source Routing and MS Proxy 2.0
From: Frank Knobbe <FKnobbe () KNOBBEITS COM>
Date: Wed, 23 Aug 2000 18:53:19 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 That would be reverse proxying. I think her question was about source routing. A properly configure proxy should not route IP (IP Forwarding off), so source routing 'should' not be possible. However, I do come across MS Proxies that have routing enabled since (R)RAS is installed on top to provide VPN access with PPTP, so there might be a vector. Regards, Frank
-----Original Message----- From: Sandro Gauci [mailto:Sandro () GFI COM] Sent: Wednesday, August 23, 2000 7:55 AM There is an article on this by Mnemonix http://www.infowar.co.uk/mnemonix/proxy.htm -----Original Message----- From: erica bernt [mailto:erica_bbb () YAHOO COM] Sent: Monday, August 21, 2000 1:36 PM I will be doing some authorized penetration testing on a MS Proxy 2.0 server connected to the internet. I see that there is a http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0909 potential source routing attack that is possible. [...] I would be grateful of any suggestions and hints as to go about my penetration test of MS Proxy and of useful source routing tools.
-----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME (X.509) encrypted email preferred. iQA/AwUBOaRj70RKym0LjhFcEQJhiwCgpXNvofhYE7uZqddZeMffR4NrwPEAoMB1 z/CM3pd0hImcBqh3/FmMt3j/ =by7y -----END PGP SIGNATURE-----
Current thread:
- [PEN-TEST] Source Routing and MS Proxy 2.0 erica bernt (Aug 21)
- <Possible follow-ups>
- Re: [PEN-TEST] Source Routing and MS Proxy 2.0 Sandro Gauci (Aug 23)
- Re: [PEN-TEST] Source Routing and MS Proxy 2.0 Frank Knobbe (Aug 24)
- Re: [PEN-TEST] Source Routing and MS Proxy 2.0 Oliver Friedrichs (Aug 24)