Novell Home

SOCKS and SPAM

Novell Cool Solutions: Tip
By Michael Cassman

Digg This - Slashdot This

Posted: 14 Jun 2002
 

Here's a security issue you should know about. You can relay off the BorderManager SOCKS proxy if access rules are not set up. The SOCKS proxy on BorderManager listens on all bound IP addresses and the default packet filters allow incoming connections to this port.

The SOCKS proxy is enabled typically for AOL Instant Messenger. You can disable the SOCKS proxy and create a stateful packet filter for port:5190 to login.oscar.aol.com.

Check out these TIDS for more details.

Enabling Socks gateway allows BorderManager server to be used for spamming. http://support.novell.com/cgi-bin/search/searchtid.cgi?/10068600.htm

The public ip address is being used as a proxy (no filters loaded) http://support.novell.com/cgi-bin/search/searchtid.cgi?/10064345.htm

How to avoid Mail Proxy being used to spam or forward mail http://support.novell.com/cgi-bin/search/searchtid.cgi?/10013929.htm

For related info, search the newsgroups at http://www.deja.com for

  • SOCKS PROXY SPAM
  • BorderManager 1080 SPAM
  • SOCKS and SPAM


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell