Open Proxy - how do I prevent it? (long mail)
From: Thomas Rokamp (email@example.com)
From: Thomas Rokamp <firstname.lastname@example.org> Date: Fri, 04 Apr 2003 11:30:16 +0200
I have been told from several places, that my dsl connection at home
responds as an open proxy.
After having read several pages with more or less useful information,
I have found out that it typically means, that my server (or whatever)
responds incorrectly when "scanned" on special ports.
Info on my system:
I have router in front of it all. It's in property of my ISP, so I can
not alter its configuration.
Anyway - it is forwarding the following ports to my server :
And thats it! As far as I can see, none of the above ports are related
to any kind of proxy.
It IS actually posibble, that the router responds on other ports as
well, in order to allow the ISP to remotely configure the router. I
don't know about this. But this could be the problem, right?
After my router comes my internal network. The router connects
directly to a switch.
On the same switch my home computers sits, and also my server.
The server responds to the above ports, excluding telnet (23) and by
now https (443).
Apache 2.x.x for http (80)
ProFTPd for ftp (20/21)
Qmail for smtp (25)
Vpopmail on Qmail for pop3 (110)
SSH fro ssh (22)
I used to have a Proxy within my Apache setup, but it performed
awfully (used it to forward requests to Tomcat - that was before I
knew about the WARP connector).
Now for the big question - how can I see, that I have an open proxy -
and in that case, how do I remove it???
Any help is very much appreciated!
Even help on making the above setup more secure in other ways, is
Thanks in advance,