Netcat through Squid HTTP Proxy

From: Rod S (securitybasics_at_gmail.com)
Date: 04/15/05

Next message: João Paulo Caldas Campello: "Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?"

Previous message: Joe_Wulf: "RE: Mail Server problem / query"
Next in thread: Joachim Schipper: "Re: Netcat through Squid HTTP Proxy"
Reply: Joachim Schipper: "Re: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Otero, Hernan (EDS): "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Henderson, Dennis K.: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 15 Apr 2005 10:40:31 -0400
To: "pen-test@securityfocus.com" <pen-test@securityfocus.com>

Hello,

I have a squid proxy server running, caching and filtering web access.
User workstations on my network are only allowed http access through
this proxy server. The firewall (Cisco PIX) will not let them connect
outbound to any ports.

I've done some testing and was successful in running netcat to connect
to a remote server listening with netcat on port 80 and get a command
prompt for an internal machine (which is allowed to connect to any
outgoing ports) on that remote server. I'm wondering if it's possible
for netcat to connect through our proxy server to a remote machine and
send a cmd.exe shell in the same way? Any tips on preventing this or
any other information you care to share is appreciated.

Thanks!
Rod

Next message: João Paulo Caldas Campello: "Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?"

Previous message: Joe_Wulf: "RE: Mail Server problem / query"
Next in thread: Joachim Schipper: "Re: Netcat through Squid HTTP Proxy"
Reply: Joachim Schipper: "Re: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Otero, Hernan (EDS): "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Henderson, Dennis K.: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Maybe reply: Todd Towles: "RE: Netcat through Squid HTTP Proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Netcat through Proxy
... I have a squid proxy server running, caching and filtering web access. ... Earn your MS in Information Security ONLINE ...
(Security-Basics)
Re: Code Red does not seem to be scanning for IIS
... 'Code Red' does not seem to be scanning for IIS ... Does anyone know if 'Code Red' has any affect on MS proxy server running on ... port 80. ...
(Bugtraq)
Re: is there a way to limit Internet Explorer to 1 site/domain
... A proxy server is a separate machine that acts as the gateway ... between an internal network and the outside. ... the proxy server running on the same PC as the one that people would log ...
(microsoft.public.windows.group_policy)
Informix ODBC client and ISA
... In my nt4 lan i have some users of Informix client (of a remote server) ... Now i want to migrate from proxy server 2 to Isa 2000. ... I install the new proxy client (necessary for connection) and i create a Ip ...
(microsoft.public.isaserver)
IE6 connects to some but not all URLs
... My ISP decided to eliminate the proxy server for reasons of little use. ... Before they took the proxy-server out of the network, ... The "can't find remote server" message popped up for certain URLs, ... Two computers see everything. ...
(microsoft.public.windows.inetexplorer.ie6.browser)