[FW1] ICQ and socks5 security risk and help needed.
I am trying to set up socks5 for ICQ, but I am starting
to understand the security problems.
ONE REASON ICQ IS BAD: TCP connections to desktops inside company.
When I chose to connect to random chat partners,
my client used the SOCKS5 server to establish TCP
connections to these other desktops, such as
ppp-204-0-251-34.bo.gs.verio.net
pppin18.koblenz1.rhein-zeitung.DE
24.66.190.22.bc.wave.home.com
dialup168-4-8.swipnet.se
The idea of having nodes from somewhere, fetching information
from nodes inside my network, even inside a socks server,
drives me crazy.
In spite of the above caveat, I would like to assure that
I have set up my socks server correctly
so I can then kill the whole idea.
QUESTION
Are the socks5.conf and libsocks5.conf files as good as they
can be?
SOCKS 5 : /opt/socks5/etc/socks5.conf
The auth should let must my network use the socks server,
n,u (in reverse order) should get a username if possible
The UDPPORTRANGE constrains the UDP ports used. I did
not see a TCP Port range constraint
The noproxy says to connect directly internally
The permit says that my class B can use the server.
/opt/socks5/etc/socks5.conf
auth 155.226.0.0/255.255.0.0 - n,u
set SOCKS5_CONFFILE /opt/socks5/etc/socks5.conf
set SOCKS5_DEMAND_IDENT
set SOCKS5_TIMEOUT 10
set SOCKS5_UDPPORTRANGE 20000-23000
noproxy - 155.226.0.0/255.255.0.0 - - -
permit - - 155.226.0.0/255.255.0.0 - - -
LIB SOCKS 5: Just connect directly to everywhere.
/opt/socks5/etc/libsocks5.conf
noproxy - 155.226.0.0/255.255.0.0 - -
noproxy - - - -
Thanks
greg
_______________________________________________________________
Greg Polanski greg_polanski@adc.com
ADC Telecommunications, Inc.
MS 85 612-946-2270
PO Box 1101 612-946-2465 FAX
Minneapolis, MN 55440-1101 612-538-1833 pager
_______________________________________________________________
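Added example, not part of the original post and not code from the socks5 distribution: a small audit of the permit lines in a socks5.conf, reporting the source network each rule admits and which of the command, destination-host and destination-port fields are left as "-", the condition that lets the proxy reach arbitrary outside desktops as described in the message. The field order (permit auth cmd src-host dst-host src-port dst-port) is an assumption of this example, and the second permit line in the sample is constructed for contrast.

```python
import ipaddress

# Assumed field order: permit auth cmd src-host dst-host src-port dst-port
FIELDS = ("auth", "cmd", "src_host", "dst_host", "src_port", "dst_port")
# Fields where "-" (match anything) widens what the proxy will do for a client.
WIDENING = ("cmd", "dst_host", "dst_port")

# Line 2 is the permit line from the post; line 3 is constructed for contrast.
SAMPLE_CONF = """\
set SOCKS5_UDPPORTRANGE 20000-23000
permit - - 155.226.0.0/255.255.0.0 - - -
permit - - 155.226.0.0/255.255.0.0 - - 443
"""

def parse_permits(text):
    """Return one dict per permit line, keyed by FIELDS plus the line number."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        tokens = line.split()
        if len(tokens) >= 7 and tokens[0] == "permit":
            rules.append({"line": lineno, **dict(zip(FIELDS, tokens[1:7]))})
    return rules

def source_network(rule):
    """Source as an ip_network, or None when it is '-' or not an address/mask."""
    try:
        return ipaddress.ip_network(rule["src_host"], strict=False)
    except ValueError:
        return None

def audit(text):
    """Map line number -> (source network, WIDENING fields left as '-')."""
    report = {}
    for rule in parse_permits(text):
        wildcards = [f for f in WIDENING if rule[f] == "-"]
        report[rule["line"]] = (source_network(rule), wildcards)
    return report

if __name__ == "__main__":
    for lineno, (net, wildcards) in audit(SAMPLE_CONF).items():
        src = net if net is not None else "ANY/unparsed"
        print(f"line {lineno}: source {src}, "
              f"unrestricted: {', '.join(wildcards) or 'none'}")
```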