Open http proxies

Tim Wunder tim
Wed Dec 29 20:55:40 PST 2004


I'm apparently running an open http proxy, at least according to 
http://opm.blitzed.org/

While trying to figure out how this happened and how I can fix it, I came 
across this:
http://www.dnsbl.au.sorbs.net/faq/proxy.shtml
Which provides a way to test whether you're running an open http proxy or not.

On that page, they say:
"In this case a SQUID proxy server was used, and fortunately by default these 
servers are secure. However, unfortunately there are a number of 'clueless' 
admins who continue to add lines like:

http_access allow all

above the line:

http_access deny CONNECT !SSL_ports

This allows anyone to connect to anything.

As proxies can talk to other proxies in what is sometimes known as 'proxy 
chaining' all the world best access control rules are defeated by getting the 
proxy server to connect to itself on the localhost, and then getting it to 
connect to where ever you want."


Well, I examined my squid.conf, and sure enough, there was an 
http_access allow all 
above the 
http_access deny CONNECT !SSL_ports

So I corrected that. 
$ grep http_access /etc/squid/squid.conf
#  TAG: http_access
#       http_access allow|deny [!]aclname ...
# http_access  allow all Commented out on 12/28/04
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all

and restarted squid.
I then tried to test my setup according to the SORBS page.
My squid proxy listens on port 3128, which is blocked from the internet by my 
Linksys router. So when I try to telnet to that port, it times out on me. So 
I am at a loss on how to test this.

So, I made the change to my squid.conf, restarted squid and figured I'm OK. 
I then told Blitzed.org that the open proxy has been closed, and it seemed to 
be happy. 
Unfortunately, I'm listed again, and I don't know why. 

Anybody care to enlighten this 'clueless' admin?

Thanks, 
Tim

-- 
Fedora Core release 2 (Tettnang), Linux 2.6.9-1.6_FC2
KDE: 3.3.2-1.2.2.kde, xorg-x11-6.7.0-11
 19:50:02 up 21 days,  2:13,  2 users,  load average: 0.15, 0.40, 0.44
"It's what you learn after you know it all that counts" John Wooden
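
Added example, not part of the original post: a small Python check for the http_access ordering problem the SORBS FAQ describes, relying on the fact that Squid evaluates http_access lines top to bottom and stops at the first match. The function names and both sample configurations are constructed for illustration; the second sample mirrors the corrected grep output in the post.

```python
import re

# Constructed samples: the ordering the SORBS FAQ warns about, and the
# corrected ordering shown in the post's grep output.
OPEN_CONF = """\
http_access allow all
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
"""

FIXED_CONF = """\
# http_access  allow all Commented out on 12/28/04
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
"""

def http_access_rules(conf_text):
    """Return (line_no, action, [acl, ...]) for each active http_access line."""
    rules = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()  # ignore comments
        m = re.match(r"http_access\s+(allow|deny)\s+(.+)$", line)
        if m:
            rules.append((no, m.group(1), m.group(2).split()))
    return rules

def audit(conf_text):
    """First match wins, so a bare 'allow all' makes every later rule
    unreachable. Return that rule's line and the lines it shadows, else None."""
    rules = http_access_rules(conf_text)
    for i, (no, action, acls) in enumerate(rules):
        if acls == ["all"]:  # catch-all: evaluation always stops here
            if action == "allow":
                return {"line": no, "unreachable": [r[0] for r in rules[i + 1:]]}
            return None      # 'deny all' reached first: default-deny holds
    return None

if __name__ == "__main__":
    for name, conf in (("open", OPEN_CONF), ("fixed", FIXED_CONF)):
        print(name, audit(conf))
```

To check a live configuration, pass the contents of /etc/squid/squid.conf to audit(); a non-None result names the allow-all line and the deny rules it shadows.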

