[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] How to prevent CONNECT proxy requests...

Subject: [cobalt-users] How to prevent CONNECT proxy requests...
From: Robin Belley <Robin_B@xxxxxxxxxxxxxxx>
Date: Fri Apr 18 08:17:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Need some help with my Apache configuration...I have a number of RaQ4 and
RaQ5 for hosting and I've noticed that some of them have been used to relay
SPAM through proxy requests recently.  There's been other attempted outbound
connections on port 21 and 119, but these were caught by the firewall.

217.21.114.135 - - April 15, 2003 0:3:16 400 CONNECT 64.156.215.5:25
HTTP/1.1 302 219 - -
217.21.114.135 - - April 15, 2003 0:36:4 400 CONNECT 64.156.215.5:25
HTTP/1.1	302 218 - -
217.21.114.135 - - April 15, 2003 0:36:7 400 CONNECT 207.46.181.13:25
HTTP/1.1 302 222 - -

The firewall prevent inbound and outbound on all but a few ports and mail
relay rules are in place.  Since this is a proxy request, however, I can't
block port 80 and port 25. The inbound CONNECT requests are coming from
random DSL drones and it would be a waist of time to try to block them at
the firewall. I could block the outbound requests to the offending mail
servers on the firewall, but I'm afraid that this would lead to unnecessary
load on the web servers.

I've look at the Apache doc and the news regarding the Limit and LimitExcept
directives.  Since the Cobalts are sometimes capricious about changes to
their conficuration, I was wondering if someone out there had the correct
directives in place.

Thanks !

Robin

Prev by Date: Re: [cobalt-users] Is installing ODBC Driver to Raq server possible?
Next by Date: RE: [cobalt-users] Server Hacked
Previous by thread: Re: [cobalt-users] XTR giving errors;
Next by thread: [cobalt-users] Drive Ghosting

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index