From owner-freebsd-security Sat Aug 15 01:17:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA03531 for freebsd-security-outgoing; Sat, 15 Aug 1998 01:17:39 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA03525 for ; Sat, 15 Aug 1998 01:17:26 -0700 (PDT) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.7/8.8.7) with SMTP id UAA03003; Sat, 15 Aug 1998 20:14:17 +1200 (NZST) (envelope-from andrew@squiz.co.nz) Date: Sat, 15 Aug 1998 20:14:17 +1200 (NZST) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Tim Baur cc: Scott , Roger Marquis , security@FreeBSD.ORG Subject: Re: Scans to ports 1090 and 1080 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 14 Aug 1998, Tim Baur wrote: > Or servers checking for open wingates etc. For example, DALnet ircd, > checks for open socks on port 1080 on connection. So depending on the > host, it might not be what you think it is. As Wingate is so convenient for hackers wanting to anonymise their connections (and I've seen it happening a few times) I'd quite like to be able to refuse connections if the connecting machine is running an unsecured wingate. Does anyone have any suggestions as to how such a thing could be implemented under freebsd without modifying the daemons? It would need to run on selected ports only. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message