From: Rod S (securitybasics@gmail.com)
Date: Fri Apr 15 2005 - 10:40:31 EDT
Hello,
I have a squid proxy server running, caching and filtering web access.
User workstations on my network are only allowed http access through
this proxy server. The firewall (Cisco PIX) will not let them connect
outbound to any ports.
I've done some testing and was successful in running netcat to connect
to a remote server listening with netcat on port 80 and get a command
prompt for an internal machine (which is allowed to connect to any
outgoing ports) on that remote server. I'm wondering if it's possible
for netcat to connect through our proxy server to a remote machine and
send a cmd.exe shell in the same way? Any tips on preventing this or
any other information you care to share is appreciated.
Thanks!
Rod
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:19 EDT