Re: [fw-wiz] Best way to block incoming connections from open httpproxy servers?




Trying to enumerate the bad IP addresses with open proxies is a loosing
battle. I have school kids setting up their own https anonymous proxies to
get past the school's filtering system. And they are on a DHCP address with
dynamicDNS which they reset every night so it's different the next day when
they go to school.
Way too much maintenance for me.
Their may be some comprehensive lists of proxies out there, but none that I
find very well-maintained.

Are you trying to prevent external users from anonymizing themselves when
they hit your site?
You might be able to do it with a reverse proxy of some sort that looks at
various characteristics of the request headers and have rules to restrict if
there are X-Proxy-Via: or are missing a standard User-Agent: headers.

Explain why you are trying to block them and we might have some other ideas.


________________________________

From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Chris
Smith
Sent: Monday, May 21, 2007 17:16
To: firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
Subject: [fw-wiz] Best way to block incoming connections from open httpproxy
servers?



Hi All.



What's the recommended way to maintain a list of public, open http proxies
and block them from making inbound connections to an http server with
iptables?



I have linblock http://www.dessent.net/linblock/ which I use for a few other
lists. Is there a regularly updated list out there for open http proxies
that can be used for this purpose?



I'm hoping I can retrieve a text file with the IP's every day with a cron
job and let linblock update an IPTables chain. Perhaps there's a better
way?



csmith


_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • [TOOL] ProxyChains, Proxy Chaining Tool (Linking)
    ... HTTP proxies. ... The program supports the following proxies: ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • Re: [Full-disclosure] China - the land of open proxies
    ... hundreds of Chinese proxies on port 8909 started showing up ... every day on public proxy lists. ... may be able to use for forensic purposes or router block lists. ... Full-Disclosure - We believe in it. ...
    (Full-Disclosure)
  • Re: [Full-disclosure] China - the land of open proxies
    ... hundreds of Chinese proxies on port 8909 started showing up ... may be able to use for forensic purposes or router block lists. ... New port 9415 proxies stopped showing up on proxy lists when 8909 began ...
    (Full-Disclosure)
  • Re: [Full-disclosure] China - the land of open proxies
    ... hundreds of Chinese proxies on port 8909 started showing up ... every day on public proxy lists. ... may be able to use for forensic purposes or router block lists. ... Full-Disclosure - We believe in it. ...
    (Full-Disclosure)
  • Re: Damn you, FEDEX! or Nikon D40 lost in Springfield, MO blackhole.
    ... the 2 mp Mavica he had been using with a Nikon D40. ... After shopping around, he got me to order one for him. ... The shipper had it insured, but from what I have read it could take weeks to sort this crap out. ... You may get your insurance from FedEx and a couple weeks later they find it and deliver it. ...
    (alt.photography)