Netcat through Proxy

From: Rod S (securitybasics_at_gmail.com)
Date: 04/13/05

Next message: Clement Dupuis: "RE: Question about COBIT framework mapping to ISO17799"

Previous message: secure knowledge: "Query: PhD research area"
Next in thread: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Maybe reply: Rod S: "Re: Netcat through Proxy"
Maybe reply: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Maybe reply: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 13 Apr 2005 11:59:39 -0400
To: security-basics@securityfocus.com

Hello,

I have a squid proxy server running, caching and filtering web access.
User workstations on my network are only allowed http access through
this proxy server. The firewall (Cisco PIX) will not let them connect
outbound to any ports.

I've done some testing and was successful in running netcat to connect
to a remote server listening with netcat on port 80 and get a command
prompt for an internal machine (which is allowed to connect to any
outgoing ports) on that remote server. I'm wondering if it's possible
for netcat to connect through our proxy server to a remote machine and
send a cmd.exe shell in the same way? Any tips on preventing this or
any other information you care to share is appreciated.

Thanks!
Rod

---------------------------------------------------------------------------
Earn your MS in Information Security ONLINE
Organizations worldwide are in need of highly qualified information security
professionals. Norwich University is fulfilling this demand with its MS in
Information Security offered online. Recognized by the NSA as an
academically excellent program, NU offers you the opportunity to earn your
degree without disrupting your home or work life.

http://www.msia.norwich.edu/secfocus_en
----------------------------------------------------------------------------

Next message: Clement Dupuis: "RE: Question about COBIT framework mapping to ISO17799"

Previous message: secure knowledge: "Query: PhD research area"
Next in thread: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Maybe reply: Rod S: "Re: Netcat through Proxy"
Maybe reply: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Maybe reply: adisegna_at_siscocorp.com: "RE: Netcat through Proxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Netcat through Proxy
... it is possible to tunnel a netcat connection through a squid http ... I also use a PIX and have to deal with the same ... > I have a squid proxy server running, ... > Earn your MS in Information Security ONLINE ...
(Security-Basics)
RE: Netcat through Proxy
... The pix won't provide the level of application layer filtering you would ... I have a squid proxy server running, ... Earn your MS in Information Security ONLINE ...
(Security-Basics)
Netcat through Squid HTTP Proxy
... I have a squid proxy server running, caching and filtering web access. ... to a remote server listening with netcat on port 80 and get a command ...
(Pen-Test)
Re: Code Red does not seem to be scanning for IIS
... 'Code Red' does not seem to be scanning for IIS ... Does anyone know if 'Code Red' has any affect on MS proxy server running on ... port 80. ...
(Bugtraq)
Re: is there a way to limit Internet Explorer to 1 site/domain
... A proxy server is a separate machine that acts as the gateway ... between an internal network and the outside. ... the proxy server running on the same PC as the one that people would log ...
(microsoft.public.windows.group_policy)