[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables + icq

On Fri, 17 Aug 2001, Michael Wood wrote:

> On Fri, Aug 17, 2001 at 08:10:41AM +1000, Paul Haesler wrote:
> > Are you masquerading?I found the easiest way to get icq to
> > work through IP-masquerading was to use a SOCKS proxy:
> >
> > apt-get install socks4
> Or "apt-get install dante" since it supports socks4 and socks5.

But isn't a socks proxy quite a big hole in the firewall?

Spesifically, it allows any trojaned host in the inside network to accept
connections from the outside.

(Also: an ICQ client listening on a port is also a weakness. I'm not
entirely sure that those clients, at least the mirabilis ones, don't have
some exploitable/exploited buffer overflows)

Tzafrir Cohen

Reply to: