Network Security: Detailed info on Netcat through Squid HTTP Proxy

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Netcat through Squid HTTP Proxy

from [Rod S] Network Security

[Permanent Link]

Subject:	Netcat through Squid HTTP Proxy
Date:	Fri, 15 Apr 2005 10:40:31 -0400

Hello,

I have a squid proxy server running, caching and filtering web access.
User workstations on my network are only allowed http access through
this proxy server. The firewall (Cisco PIX) will not let them connect
outbound to any ports.

I've done some testing and was successful in running netcat to connect
to a remote server listening with netcat on port 80 and get a command
prompt for an internal machine (which is allowed to connect to any
outgoing ports) on that remote server. I'm wondering if it's possible
for netcat to connect through our proxy server to a remote machine and
send a cmd.exe shell in the same way? Any tips on preventing this or
any other information you care to share is appreciated.

Thanks!
Rod

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Netcat through Squid HTTP Proxy, Rod S <= Re: Netcat through Squid HTTP Proxy, Joachim Schipper RE: Netcat through Squid HTTP Proxy, Todd Towles RE: Netcat through Squid HTTP Proxy, Otero, Hernan (EDS) RE: Netcat through Squid HTTP Proxy, Henderson, Dennis K. Re: Netcat through Squid HTTP Proxy, James Kearney Re: Netcat through Squid HTTP Proxy, Chris Kuethe RE: Netcat through Squid HTTP Proxy, Todd Towles RE: Netcat through Squid HTTP Proxy, JB RE: Netcat through Squid HTTP Proxy, Todd Towles

Previous by Date:	Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, João Paulo Caldas Campello
Next by Date:	Re: Any way to automatically change arbitrary headers of IP packets on-the-fly?, João Paulo Caldas Campello
Previous by Thread:	Mail Server problem / query, Marc Davison
Next by Thread:	Re: Netcat through Squid HTTP Proxy, Joachim Schipper
Indexes:	[Date] [Thread] [Top] [All Lists]