From owner-freebsd-security Sat Aug 15 01:28:43 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA04276 for freebsd-security-outgoing; Sat, 15 Aug 1998 01:28:43 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from crack.x509.com (crack.x509.com [199.175.150.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA04271 for ; Sat, 15 Aug 1998 01:28:42 -0700 (PDT) (envelope-from tbaur@xcert.com) Received: from home-int.x509.com (home-int.x509.com [199.175.148.4]) by crack.x509.com (8.8.7/XCERT) with SMTP id BAA10687; Sat, 15 Aug 1998 01:26:58 -0700 (PDT) Date: Sat, 15 Aug 1998 01:27:34 -0700 (PDT) From: Tim Baur X-Sender: tbaur@home.x509.com To: Andrew McNaughton cc: Scott , Roger Marquis , security@FreeBSD.ORG Subject: Re: Scans to ports 1090 and 1080 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 15 Aug 1998, Andrew McNaughton wrote: > As Wingate is so convenient for hackers wanting to anonymise their > connections (and I've seen it happening a few times) I'd quite like to be > able to refuse connections if the connecting machine is running an > unsecured wingate. > > Does anyone have any suggestions as to how such a thing could be > implemented under freebsd without modifying the daemons? It would need to > run on selected ports only. Well, it would be a programming effort. But could be done, something like TCPD. Incomming inetd connections could be routed via a script/program which would check for open socks, if found the connected would be refused. Prehaps even an extension to TCPD. Even tho TCPD isnt perfect, it could work. Since I am not a hard core programmer, the coding effort isnt in my field :> But I am sure there is many ways to go about doing something like this. -- Tim Baur xcert software inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message