[Nottingham] apache or squid for proxying?
Mike Cardwell
nlug at lists.grepular.com
Wed Oct 14 15:59:43 UTC 2009
Martin wrote:
>> Transparent web proxies have an inherent security flaw though...
> [---]
>> In essence, if you have a transparent web proxy, and you visit a website
>> with a Java app like I described, it can make http requests against any
>> website it likes, from your very own PC.
>
> Rather interesting.
>
> What do ISPs do to block that?

I don't know. Do any ISPs use transparent web proxies anymore?

> Wouldn't a simple firewall rule to block direct connects to the proxy IP
> address thwart such maliciousness?

That's the thing. The Java app isn't making a direct connection to the
proxy IP. It is making a direct connection to the only IP it is allowed
to, the IP of the web server it came from. It is the fact that a
transparent proxy intercepts that connection which is what causes the hole.

--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Technical Blog: https://secure.grepular.com/blog/
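
Added example, not part of the message above: a check an intercepting proxy can apply so that an intercepted connection only ever goes to the IP the client actually dialled. It assumes the proxy would otherwise choose its upstream from the request's Host header, which the message does not spell out; `parse_host`, `upstream_for` and the DNS table are hypothetical names and constructed data.

```python
import ipaddress

# Constructed DNS data (documentation address ranges) standing in for a resolver.
SAMPLE_DNS = {
    "applet-origin.example": {"192.0.2.10"},
    "intranet.example": {"198.51.100.7"},
}


def parse_host(raw_request: bytes):
    """Return the lower-cased Host header value without its port, or None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = [line.split(":", 1)[1].strip()
             for line in head.split("\r\n")[1:]
             if line.lower().startswith("host:")]
    if len(hosts) != 1:            # missing or duplicated Host is ambiguous
        return None
    host = hosts[0].lower()
    if host.startswith("["):       # IPv6 literal such as [2001:db8::1]:8080
        return host[1:host.find("]")] if "]" in host else None
    host = host.rsplit(":", 1)[0] if ":" in host else host
    return host or None


def upstream_for(orig_dst_ip: str, raw_request: bytes, resolve=SAMPLE_DNS.get):
    """Decide where an intercepted request may be sent.

    Returns ("forward", ip) only when the Host header agrees with the IP the
    client connected to; otherwise ("reject", None). The proxy never connects
    to an address derived from the Host header alone.
    """
    dst = str(ipaddress.ip_address(orig_dst_ip))
    host = parse_host(raw_request)
    if host is None:
        return ("reject", None)
    try:
        allowed = {str(ipaddress.ip_address(host))}   # Host is an IP literal
    except ValueError:
        allowed = {str(ipaddress.ip_address(a)) for a in (resolve(host) or ())}
    if dst in allowed:
        return ("forward", dst)
    return ("reject", None)
```

The original destination is what the interception layer recorded for the redirected connection; a firewall rule on the proxy's own IP never sees it, which is why the comparison has to happen inside the proxy.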