Re: Removal of IP

[Brian Longwe <brian at pch.net>]

Proxy didn't have an ACL to control who could/couldn't use it.

(Apparently this is also a glitch in cisco's Content Engine IOS ver. 3
when http proxy is enabled)


Brian
On Mon, 5 May 2003 antonio at nambu.uem.mz wrote:

> How were they exploiting the proxy?
>
> Cheers,
>
>
>
> On 5 May 2003 at 1:45, Brian Longwe wrote:
>
> >
> >
> > On Mon, 5 May 2003, Sunday Folayan wrote:
> > > They spam using http not smtp. smtp is blocked, but you cannot do that for
> > > http. They don't send one, they have programs that send thousands within
> > > an hour, just changing recipient addresses. BTW. I also get some addressed
> > > to me, since I figure they bought addresses on CD.
> > >
> >
> > One of our clients had an open http proxy which was exploited as a launch
> > pad for spam - it took us three hours to detect and close the hole -
> > within which time approx 30,000 messages had been generated - this stuff
> > is deadly!
> >
> > Longwe
> >
> >
> > -----
> > This is the afnog mailing list, managed by Majordomo 1.94.5
> >
> > To send a message to this list, e-mail afnog at afnog.org
> > To send a request to majordomo, e-mail majordomo at afnog.org and put
> > your request in the body of the message (i.e use "help" for help)
> >
> > This list is maintained by owner-afnog at afnog.org
> >
>
>
>


-----
This is the afnog mailing list, managed by Majordomo 1.94.5

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org