security hole?
Dzon
dzon na writeme.com
Úterý Červen 22 11:10:32 CEST 1999
Ahoj,
testoval jsem nas server pomoci programu nessus [http://www.nessus.org]
a ziskal jsem tento vystup:
REPORT The remote proxy accepted the request :
GET http://dzon:25 HTTP/1.1
This means that anyone can use it to connect
anonymously anywhere.
Solution : edit the proxy config file and deny
all the ports except 80 and 21 (ftp)
gate unknown (3128/tcp)
REPORT The remote proxy accepted the request :
POST http://dzon:25 HTTP/1.1
This means that anyone can use it to connect
anonymously anywhere. This method offers an
interactive prompt to the attacker.
Solution : edit the proxy config file and deny
all the ports except 80 and 21 (ftp)
Jak se muze dostat kdokoli kamkoli? Zkousel jsem to z commandline
a jedine co jsem dostal bylo connection refused, server may be
busy or down.
Neotravoval bych tu, ale jestli to je vazne dira, chtel bych
to vedet :)
Btw --- co to je 'smad attack'? toto je take jeden z Nessovych
warnings
Diky
--
-Dzon
dzon na writeme.com
Další informace o konferenci Linux