Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Mar 26 10 7:29 pm
Hi
Firstly, I am from South Africa.
I recently had to format and reload my wingate server, since then I have noticed strange IP's using my server to browse the web.
A whois puts them all in America.
I have been blackholeing them as I notice them but obviously there is some big security flaw in my setup.
Can someone help me fix this please?
Thank You
Sean
My firewall info on some of them.
Wingate firewall hit report:
Time: 2010/03/26 08:23:43 AM
Reason: Blackholed
Source MAC address: 00-26-0B-6C-2A-8C
Destination MAC address: 00-21-91-92-AF-3F
Source IP Address: 71.6.232.131 : 53653
Destination IP Address: "my proxy servers internal ip address" : 80
Protocol: TCP
TCP flags: S
Time-to-live: 43
Wingate firewall hit report:
Time: 2010/03/26 08:23:42 AM
Reason: Blackholed
Source MAC address: 00-26-0B-6C-2A-8C
Destination MAC address: 00-21-91-92-AF-3F
Source IP Address: 173.224.112.96 : 49857
Destination IP Address: "my proxy servers internal ip address" : 80
Protocol: TCP
TCP flags: S
Time-to-live: 44
Wingate firewall hit report:
Time: 2010/03/25 11:04:41 PM
Reason: Blackholed
Source MAC address: 00-26-0B-6C-2A-8C
Destination MAC address: 00-21-91-92-AF-3F
Source IP Address: 64.191.101.5 : 42333
Destination IP Address: "my proxy servers internal ip address" : 80
Protocol: TCP
TCP flags: S
Time-to-live: 52
Mar 27 10 9:29 am
Hi
You must have your WWW proxy bound to your external interface.
Normally this isn't required, but If you need to do this, you should lock it down so it needs auth, or won't do proxy requests (e.g. if you're using it for a reverse proxy or server).
Otherwise many people will use it.
Regards
Adrien
Apr 02 10 1:09 am
Hi
I have tried working this out for myself but wither anybody can use my proxy server or nobody can (internally or externally).
How can I simply stop anybody outside our company from using the proxy and let anybody inside the factory use it.
Please help me set this up properly.
I have so far tried using assumed users, nt database e.t.c.
It should only be accepting users from inside the factory, we do not use VPN, Socks, POP3, IMAP, DHCP, DNS e.t.c on wingate, its only used to let people connect to the internet and control what they may browse during working hours.
I have disabled all the above services within wingate already.
Apr 02 10 1:56 am
SeanLeR wrote:How can I simply stop anybody outside our company from using the proxy and let anybody inside the factory use it.
WWW Proxy server -> Properties -> Bindings.
Delete your WAN adapter from there if it is presented. That's all.
P.S. BTW: what do you have on your WAN interface: private or public ip?
If private, then you'll need also to check\change the Binding policy in the same place (it can automatically bind your WAN, if it has private ip).
Apr 23 10 11:07 pm
Alen wrote:SeanLeR wrote:How can I simply stop anybody outside our company from using the proxy and let anybody inside the factory use it.
WWW Proxy server -> Properties -> Bindings.
Delete your WAN adapter from there if it is presented. That's all.
P.S. BTW: what do you have on your WAN interface: private or public ip?
If private, then you'll need also to check\change the Binding policy in the same place (it can automatically bind your WAN, if it has private ip).
Thank You
:)
That solved all my problems.
Powered by phpBB © phpBB Group.
phpBB Mobile / SEO by Artodia.