Our IP is listed as an open proxy/open relay. We use wingate pro ver 5.0.5 build 815, and netvistic mail server. It has been determined using netvistic support, that it is not an open relay, but an open proxy. I cannot find out how to close this open proxy. The extended networking is on, with the firewall set as custom, (using med blocks some traffic), we are getting hit by many, many requests a day, which the firewall is blocking, but I've had the IP tested again and again but open proxy tests show port 80 and 1080, socks, are still showing up. The www proxy and socks are bound to only our internal ip, 192.168.0.X and 127.0.0.1. Is there something else I must do to close the door to the open proxies? This is very frustrating.
Thanks for any help you can give.
Matt Keiser
server listed as an open proxy
Moderator: Qbik Staff
5 posts
• Page 1 of 1
by labull » Nov 20 03 5:38 am
Matt,
Sounds like you're doing things correctly.
Do you have any other proxy services defined?
You could do an Options - Advanced - Save Report.
The 6.xx entries in the report will show you how the services are configured.
You could mail the entire report to the Qbik folks or possibly paste any sections you have questions about here.
Larry
Sounds like you're doing things correctly.
Do you have any other proxy services defined?
You could do an Options - Advanced - Save Report.
The 6.xx entries in the report will show you how the services are configured.
You could mail the entire report to the Qbik folks or possibly paste any sections you have questions about here.
Larry
- labull
- WinGate Guru
- Posts: 710
- Joined: Sep 06 03 1:03 am
- Location: Washington, DC - USA
by dgi » Nov 20 03 7:49 am
thanks for the reply:
Here is the 6.xx portion of the report:
"6.01 ---------------------------------------------
6.02 Services
6.03 ---------------------------------------------
6.04
6.05 System Policies
6.06 ---------------------------------------------
6.07 Default System Access Rights:
6.08 Everyone - Unrestricted rights
6.09 Everyone - Restricted by time, ban list
6.10 Default Start/Stop Rights:
6.11 Administrators - Unrestricted rights
6.12 Default Edit Rights:
6.13 Administrators - Unrestricted rights
6.14
6.15 POP3 Proxy server (POP3 Proxy server)
6.16 ---------------------------------------------
6.17 Session Timeout: 120
6.18 Port: 110
6.19 Startup: Disabled
6.20 Binding 1: 127.0.0.1
6.21 Binding 2: 192.168.0.7
6.22 Access Rights: Defaults: may be used instead
6.23 Start/Stop Rights: Defaults: may be used instead
6.24 Edit Rights: Defaults: may be used instead
6.25
6.26 Telnet Proxy server (Telnet Proxy server)
6.27 ---------------------------------------------
6.28 Session Timeout: 60
6.29 Port: 23
6.30 Startup: Automatic start/stop
6.31 Binding 1: 127.0.0.1
6.32 Binding 2: 192.168.0.7
6.33 Access Rights: Defaults: may be used instead
6.34 Start/Stop Rights: Defaults: may be used instead
6.35 Edit Rights: Defaults: may be used instead
6.36
6.37 WWW Proxy server (WWW Proxy server)
6.38 ---------------------------------------------
6.39 Session Timeout: 60
6.40 Port: 80
6.41 Startup: Automatic start/stop
6.42 Binding 1: 127.0.0.1
6.43 Binding 2: 192.168.0.7
6.44 Access Rights: Defaults: may be used instead
6.45 Start/Stop Rights: Defaults: may be used instead
6.46 Edit Rights: Defaults: may be used instead
6.47
6.48 DHCP Service (DHCP Service)
6.49 ---------------------------------------------
6.50 Session Timeout: 60
6.51 Port: 67
6.52 Startup: Automatic start/stop
6.53 Binding 1: 192.168.0.7
6.54 Access Rights: Defaults: may be used instead
6.55 Everyone - Unrestricted rights
6.56 Start/Stop Rights: Defaults: may be used instead
6.57 Edit Rights: Defaults: may be used instead
6.58
6.59 Winsock Redirector Service (Winsock Redirector Service)
6.60 ---------------------------------------------
6.61 Session Timeout: 20
6.62 Port: 2080
6.63 Startup: Automatic start/stop
6.64 Binding 1: 127.0.0.1
6.65 Binding 2: 192.168.0.7
6.66 Access Rights: Defaults: may be used instead
6.67 Start/Stop Rights: Defaults: may be used instead
6.68 Edit Rights: Defaults: may be used instead
6.69
6.70 FTP Proxy server (FTP Proxy server)
6.71 ---------------------------------------------
6.72 Session Timeout: 60
6.73 Port: 21
6.74 Startup: Automatic start/stop
6.75 Binding 1: 127.0.0.1
6.76 Binding 2: 192.168.0.7
6.77 Access Rights: Defaults: may be used instead
6.78 Start/Stop Rights: Defaults: may be used instead
6.79 Edit Rights: Defaults: may be used instead
6.80
6.81 RTSP Streaming Media Proxy (RTSP Streaming Media Proxy)
6.82 ---------------------------------------------
6.83 Session Timeout: 60
6.84 Port: 554
6.85 Startup: Automatic start/stop
6.86 Binding 1: 127.0.0.1
6.87 Binding 2: 192.168.0.7
6.88 Access Rights: Defaults: may be used instead
6.89 Start/Stop Rights: Defaults: may be used instead
6.90 Edit Rights: Defaults: may be used instead
6.91
6.92 SOCKS Proxy server (SOCKS Proxy server)
6.93 ---------------------------------------------
6.94 Session Timeout: 60
6.95 Port: 1080
6.96 Startup: Automatic start/stop
6.97 Binding 1: 127.0.0.1
6.98 Binding 2: 192.168.0.7
6.99 Access Rights: Defaults: may be used instead
6.100 Start/Stop Rights: Defaults: may be used instead
6.101 Edit Rights: Defaults: may be used instead
6.102
6.103 VDOLive Proxy server (VDOLive Proxy server)
6.104 ---------------------------------------------
6.105 Session Timeout: 60
6.106 Port: 7000
6.107 Startup: Automatic start/stop
6.108 Binding 1: 127.0.0.1
6.109 Binding 2: 192.168.0.7
6.110 Access Rights: Defaults: may be used instead
6.111 Start/Stop Rights: Defaults: may be used instead
6.112 Edit Rights: Defaults: may be used instead
6.113
6.114 POP3 Server (POP3 Server)
6.115 ---------------------------------------------
6.116 Session Timeout: 120
6.117 Port: 110
6.118 Startup: Disabled
6.119 Binding 1: 127.0.0.1
6.120 Binding 2: 192.168.0.7
6.121 Access Rights: Defaults: may be used instead
6.122 Start/Stop Rights: Defaults: may be used instead
6.123 Edit Rights: Defaults: may be used instead
6.124
6.125 SMTP Server (SMTP Server)
6.126 ---------------------------------------------
6.127 Session Timeout: 300
6.128 Port: 25
6.129 Startup: Disabled
6.130 Binding 1: 127.0.0.1
6.131 Binding 2: 192.168.0.7
6.132 Access Rights: Defaults: may be used instead
6.133 Start/Stop Rights: Defaults: may be used instead
6.134 Edit Rights: Defaults: may be used instead
6.135
6.136 GDP Service (GDP Service)
6.137 ---------------------------------------------
6.138 Session Timeout: 60
6.139 Port: 368
6.140 Startup: Automatic start/stop
6.141 Binding 1: 127.0.0.1
6.142 Binding 2: 192.168.0.7
6.143 Access Rights: Defaults: may be used instead
6.144 Start/Stop Rights: Defaults: may be used instead
6.145 Edit Rights: Defaults: may be used instead
6.146
6.147 XDMA Proxy service (XDMA Proxy service)
6.148 ---------------------------------------------
6.149 Session Timeout: 20
6.150 Port: 8000
6.151 Startup: Automatic start/stop
6.152 Binding 1: 127.0.0.1
6.153 Binding 2: 192.168.0.7
6.154 Access Rights: Defaults: may be used instead
6.155 Start/Stop Rights: Defaults: may be used instead
6.156 Edit Rights: Defaults: may be used instead
6.157
6.158 TCP Mapping service (TCP Mapping service)
6.159 ---------------------------------------------
6.160 Session Timeout: 60
6.161 Port: 6667
6.162 Startup: Automatic start/stop
6.163 Binding 1: 127.0.0.1
6.164 Binding 2: 192.168.0.7
6.165 Access Rights: Defaults: may be used instead
6.166 Start/Stop Rights: Defaults: may be used instead
6.167 Edit Rights: Defaults: may be used instead
6.168
6.169 DNS Service (DNS Service)
6.170 ---------------------------------------------
6.171 Session Timeout: 60
6.172 Port: 53
6.173 Startup: Automatic start/stop
6.174 Binding 1: 192.168.0.7
6.175 Access Rights: Defaults: may be used instead
6.176 Start/Stop Rights: Defaults: may be used instead
6.177 Edit Rights: Defaults: may be used instead
6.178
6.179 Remote Control Service (Remote Control Service)
6.180 ---------------------------------------------
6.181 Session Timeout: 60
6.182 Port: 808
6.183 Startup: Automatic start/stop
6.184 Binding: 127.0.0.1
6.185 Access Rights: Defaults: may be used instead
6.186 Start/Stop Rights: Defaults: may be used instead
6.187 Edit Rights: Defaults: may be used instead
6.188 "
Does not look like anything bad to me, but ....
dgi
Here is the 6.xx portion of the report:
"6.01 ---------------------------------------------
6.02 Services
6.03 ---------------------------------------------
6.04
6.05 System Policies
6.06 ---------------------------------------------
6.07 Default System Access Rights:
6.08 Everyone - Unrestricted rights
6.09 Everyone - Restricted by time, ban list
6.10 Default Start/Stop Rights:
6.11 Administrators - Unrestricted rights
6.12 Default Edit Rights:
6.13 Administrators - Unrestricted rights
6.14
6.15 POP3 Proxy server (POP3 Proxy server)
6.16 ---------------------------------------------
6.17 Session Timeout: 120
6.18 Port: 110
6.19 Startup: Disabled
6.20 Binding 1: 127.0.0.1
6.21 Binding 2: 192.168.0.7
6.22 Access Rights: Defaults: may be used instead
6.23 Start/Stop Rights: Defaults: may be used instead
6.24 Edit Rights: Defaults: may be used instead
6.25
6.26 Telnet Proxy server (Telnet Proxy server)
6.27 ---------------------------------------------
6.28 Session Timeout: 60
6.29 Port: 23
6.30 Startup: Automatic start/stop
6.31 Binding 1: 127.0.0.1
6.32 Binding 2: 192.168.0.7
6.33 Access Rights: Defaults: may be used instead
6.34 Start/Stop Rights: Defaults: may be used instead
6.35 Edit Rights: Defaults: may be used instead
6.36
6.37 WWW Proxy server (WWW Proxy server)
6.38 ---------------------------------------------
6.39 Session Timeout: 60
6.40 Port: 80
6.41 Startup: Automatic start/stop
6.42 Binding 1: 127.0.0.1
6.43 Binding 2: 192.168.0.7
6.44 Access Rights: Defaults: may be used instead
6.45 Start/Stop Rights: Defaults: may be used instead
6.46 Edit Rights: Defaults: may be used instead
6.47
6.48 DHCP Service (DHCP Service)
6.49 ---------------------------------------------
6.50 Session Timeout: 60
6.51 Port: 67
6.52 Startup: Automatic start/stop
6.53 Binding 1: 192.168.0.7
6.54 Access Rights: Defaults: may be used instead
6.55 Everyone - Unrestricted rights
6.56 Start/Stop Rights: Defaults: may be used instead
6.57 Edit Rights: Defaults: may be used instead
6.58
6.59 Winsock Redirector Service (Winsock Redirector Service)
6.60 ---------------------------------------------
6.61 Session Timeout: 20
6.62 Port: 2080
6.63 Startup: Automatic start/stop
6.64 Binding 1: 127.0.0.1
6.65 Binding 2: 192.168.0.7
6.66 Access Rights: Defaults: may be used instead
6.67 Start/Stop Rights: Defaults: may be used instead
6.68 Edit Rights: Defaults: may be used instead
6.69
6.70 FTP Proxy server (FTP Proxy server)
6.71 ---------------------------------------------
6.72 Session Timeout: 60
6.73 Port: 21
6.74 Startup: Automatic start/stop
6.75 Binding 1: 127.0.0.1
6.76 Binding 2: 192.168.0.7
6.77 Access Rights: Defaults: may be used instead
6.78 Start/Stop Rights: Defaults: may be used instead
6.79 Edit Rights: Defaults: may be used instead
6.80
6.81 RTSP Streaming Media Proxy (RTSP Streaming Media Proxy)
6.82 ---------------------------------------------
6.83 Session Timeout: 60
6.84 Port: 554
6.85 Startup: Automatic start/stop
6.86 Binding 1: 127.0.0.1
6.87 Binding 2: 192.168.0.7
6.88 Access Rights: Defaults: may be used instead
6.89 Start/Stop Rights: Defaults: may be used instead
6.90 Edit Rights: Defaults: may be used instead
6.91
6.92 SOCKS Proxy server (SOCKS Proxy server)
6.93 ---------------------------------------------
6.94 Session Timeout: 60
6.95 Port: 1080
6.96 Startup: Automatic start/stop
6.97 Binding 1: 127.0.0.1
6.98 Binding 2: 192.168.0.7
6.99 Access Rights: Defaults: may be used instead
6.100 Start/Stop Rights: Defaults: may be used instead
6.101 Edit Rights: Defaults: may be used instead
6.102
6.103 VDOLive Proxy server (VDOLive Proxy server)
6.104 ---------------------------------------------
6.105 Session Timeout: 60
6.106 Port: 7000
6.107 Startup: Automatic start/stop
6.108 Binding 1: 127.0.0.1
6.109 Binding 2: 192.168.0.7
6.110 Access Rights: Defaults: may be used instead
6.111 Start/Stop Rights: Defaults: may be used instead
6.112 Edit Rights: Defaults: may be used instead
6.113
6.114 POP3 Server (POP3 Server)
6.115 ---------------------------------------------
6.116 Session Timeout: 120
6.117 Port: 110
6.118 Startup: Disabled
6.119 Binding 1: 127.0.0.1
6.120 Binding 2: 192.168.0.7
6.121 Access Rights: Defaults: may be used instead
6.122 Start/Stop Rights: Defaults: may be used instead
6.123 Edit Rights: Defaults: may be used instead
6.124
6.125 SMTP Server (SMTP Server)
6.126 ---------------------------------------------
6.127 Session Timeout: 300
6.128 Port: 25
6.129 Startup: Disabled
6.130 Binding 1: 127.0.0.1
6.131 Binding 2: 192.168.0.7
6.132 Access Rights: Defaults: may be used instead
6.133 Start/Stop Rights: Defaults: may be used instead
6.134 Edit Rights: Defaults: may be used instead
6.135
6.136 GDP Service (GDP Service)
6.137 ---------------------------------------------
6.138 Session Timeout: 60
6.139 Port: 368
6.140 Startup: Automatic start/stop
6.141 Binding 1: 127.0.0.1
6.142 Binding 2: 192.168.0.7
6.143 Access Rights: Defaults: may be used instead
6.144 Start/Stop Rights: Defaults: may be used instead
6.145 Edit Rights: Defaults: may be used instead
6.146
6.147 XDMA Proxy service (XDMA Proxy service)
6.148 ---------------------------------------------
6.149 Session Timeout: 20
6.150 Port: 8000
6.151 Startup: Automatic start/stop
6.152 Binding 1: 127.0.0.1
6.153 Binding 2: 192.168.0.7
6.154 Access Rights: Defaults: may be used instead
6.155 Start/Stop Rights: Defaults: may be used instead
6.156 Edit Rights: Defaults: may be used instead
6.157
6.158 TCP Mapping service (TCP Mapping service)
6.159 ---------------------------------------------
6.160 Session Timeout: 60
6.161 Port: 6667
6.162 Startup: Automatic start/stop
6.163 Binding 1: 127.0.0.1
6.164 Binding 2: 192.168.0.7
6.165 Access Rights: Defaults: may be used instead
6.166 Start/Stop Rights: Defaults: may be used instead
6.167 Edit Rights: Defaults: may be used instead
6.168
6.169 DNS Service (DNS Service)
6.170 ---------------------------------------------
6.171 Session Timeout: 60
6.172 Port: 53
6.173 Startup: Automatic start/stop
6.174 Binding 1: 192.168.0.7
6.175 Access Rights: Defaults: may be used instead
6.176 Start/Stop Rights: Defaults: may be used instead
6.177 Edit Rights: Defaults: may be used instead
6.178
6.179 Remote Control Service (Remote Control Service)
6.180 ---------------------------------------------
6.181 Session Timeout: 60
6.182 Port: 808
6.183 Startup: Automatic start/stop
6.184 Binding: 127.0.0.1
6.185 Access Rights: Defaults: may be used instead
6.186 Start/Stop Rights: Defaults: may be used instead
6.187 Edit Rights: Defaults: may be used instead
6.188 "
Does not look like anything bad to me, but ....
dgi
- dgi
- Posts: 3
- Joined: Oct 08 03 8:03 am
by neil » Nov 20 03 4:51 pm
As long as those ports (80 and 1080) are blocked from external accessin the Port Security tab in the ENS properties, then it shouldn't be WinGate. Is there a chance you have a trojan on there?!
One easy way to see would be to download Netpatrol, from http://www.netpatrol.com , and install the PortList portion. Once installed, when run, this app will show you what ports you have open / listening etc and which applications are holding them open.
Regards,
Neil
One easy way to see would be to download Netpatrol, from http://www.netpatrol.com , and install the PortList portion. Once installed, when run, this app will show you what ports you have open / listening etc and which applications are holding them open.
Regards,
Neil
- neil
- Qbik Staff
- Posts: 356
- Joined: Sep 03 03 2:42 pm
- Location: Auckland
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 10 guests