I am on wingate 5.2.2. Operating system is win2k pro(I turned off IIS, smtp,etc.). I am hosing a web site using wingate . I use dns2go to point to my current ip address because the ip address is dynamic. I created a proxy in wingate on port 8080. The service is bound to the external ip, the wingate server ip and loopback. I use transparent redirection. I "pipe request through to a predetermined server" ip address that is behind my wingate server. All this works fine and I can access my web site from any internet site. My question/problem is that occasionally when reviewing my logs, I find “guest” users that appear to be coming in on my current ip address/port(8080) that are visiting other sites(yahoo, ebay, etc..). I don’t know if this is because they are on my site and open another browser session and that new session goes through my site to the internet? The ip’s that are doing this are varied and they don’t stay connected long, from what I can see from the logs. I am an applications guy, not a network or security guy, so I don’t know how concerned I should be about this, if at all(I don’t think I’m being “hacked’, if these “guest” users are visiting ebay and msn). I would however, like to keep my “guest” users on the server I point them too and limit them to just that.
Any help/suggestions would be greatly appreciated
Guest users accessing other sites from my server?
Moderator: Qbik Staff
3 posts
• Page 1 of 1
Guest users accessing other sites from my server?
by rdunn » Dec 17 03 10:00 am
- rdunn
- Posts: 14
- Joined: Nov 12 03 5:07 am
by azeni » Dec 18 03 5:28 am
I am having the same issue. Most of the redirections are coming from China. I enabled the banned list in the WWW Proxy server but that doesn't seem to work. My only solution so far is to create a dummy user that is not enabled and set up an IP alias for those users. I would like a global solution. Any help is appreciated
- azeni
- Posts: 4
- Joined: Dec 18 03 5:24 am
by adrien » Dec 18 03 10:19 am
Hi
Basically you don't want these users using your proxy like that.
If you are simply piping an incoming request to a server behind WinGate, you are best not to use the WWW Proxy, but rather either
a) a redirect on port 80 in the ENS (under port security, connections from the internet on TCP, add a range for port 8080 (or whatever port you wish), and get it to redirect to your internal server)
b) a TCP mapping proxy to do the same thing.
as an aside, you can also stop people making proxy requests through a proxy as well (so it can only be a server or redirect incoming requests) using the policies. To do this, you would create a user policy for the particular WWW Proxy, make it not use system rules and add an advanced criteria where "NOT Is proxy request is true"
Adrien
Basically you don't want these users using your proxy like that.
If you are simply piping an incoming request to a server behind WinGate, you are best not to use the WWW Proxy, but rather either
a) a redirect on port 80 in the ENS (under port security, connections from the internet on TCP, add a range for port 8080 (or whatever port you wish), and get it to redirect to your internal server)
b) a TCP mapping proxy to do the same thing.
as an aside, you can also stop people making proxy requests through a proxy as well (so it can only be a server or redirect incoming requests) using the policies. To do this, you would create a user policy for the particular WWW Proxy, make it not use system rules and add an advanced criteria where "NOT Is proxy request is true"
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 4 guests