Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Subject: Re: MSProxy Server 2
From: Keith McCammon (kmccammonTIDALWAVE.NET)
Date: Fri Jun 02 2000 - 10:42:56 CDT
- Next message: sigippWELLA.COM.BR: "Re: Regarding *.pwl files..."
- Previous message: Cave, Glynis: "Password Aging/Remote Access"
- Maybe reply: Keith McCammon: "Re: MSProxy Server 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
The key to Proxy Server is the LAT. This is the most important
aspect of this software. If you carelessly add IP classes, or need
more classes and add live IP's, you're hosed. Only add what you
need, and always use identification. If you want a public IP
included, that's fine; but remember that you now open your network up
to spoofing, etc. Can it be done? Yes. It is a ridiculous idea?
Also, make sure IP forwarding is turned off (Proxy 2 install does
this, but often times people mistakenly think that since two NICs are
involved that you need to "forward" between the two - wrong).
As far as holes are concerned, Proxy is one of the "cleaner" programs
that Microsoft has put out. The reason it is exploited so often is
because admins don't take the time to REALLY understand what is
happening in a proxy environment (not just MS proxy, but ANY proxy).
MS has a bad rep for selling open-by-default software, but things can
be closed (in time), and it can be made secure.
Keith W. McCammon
Quantum Communications, Inc.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----