|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Open relays and open proxies
On Thu, Apr 24, 2003 at 02:11:12PM -0500, Adi Linden wrote: > I am seeing an increasing number of hosts on our network become an > open proxy. So far the response to this has been reactive, once I > receive complaints from spam victims I deal with the source of the > problem. > > Is there an accepted way of blocking open proxy and open relay traffic > at the network edge? The obvious way would be to block the commonly abused ports... presumably, you will have very few customers who actually need to have port 1080, 3128 8080, or whatever open. Obviously, I can't say whether this would be effective for your particular application. Also, you could consider running proactive scans on your network with available proxy-checking tools. I use proxycheck to manually check hosts for open proxies (http://www.corpit.ru/mjt/proxycheck.html)... you could script this (or a similar tool) and run scans of your entire network. -- "Since when is skepticism un-American? Dissent's not treason but they talk like it's the same..." (Sleater-Kinney - "Combat Rock")
|