Firewall Wizards mailing list archives
Re: Prevent proxy chaining
From: Michael Still <mikal () stillhq com>
Date: Thu, 9 May 2002 11:34:24 +1000
On Tue, 7 May 2002, Srinivasa Addepalli wrote:
Whenever your firewall gets the port 80 request (SYN), you can do reverse HTTP connection ie send TCP connect to source IP. If it succeeds, it can be assumed that, the request came from proxy and your firewall can log a message to the administartor or possibly block the request. This scheme does not work, if client machine requires HTTP server.
I can also have my screening router drop traffic on port 80 from the proxy I am pointing to upline, which means that this detection method wont work. Cheers, Mikal -- Michael Still (mikal () stillhq com) UMT+10hrs _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Prevent proxy chaining Siebenkaes Stefan (May 07)
- Re: Prevent proxy chaining Stephane Nasdrovisky (May 08)
- Re: Prevent proxy chaining Srinivasa Addepalli (May 08)
- Re: Prevent proxy chaining Michael Still (May 09)