Securing Open Proxies

An open proxy can be used to anonymize connections to open relays, further complicating tracking a spammer down. These links contain advice on how to secure an open proxy if you are using one of the main proxy servers found on the internet. If your proxy isn't listed here, try reading the manual or help files that came with the proxy, or contact the vendor, and if you do find a useful link to get the proxy secured, let us know.

If you have been told you have an open proxy, but you didn't even know you had a proxy, open or otherwise, you may have a spam trojan. Please see the section on consumer security.

Proxies may open up many, many, other security problems than those shown below, which are just a means by which a proxy may be used by unauthorised users, and not by which a proxy may be attacked in any other way.

Vendor Page	Advice to Help Secure the Proxy	Vulnerability References
Misc. Web Proxies	Removing or Reconfiguring Open Web Proxies HTTP Proxies (Cisco / Squid / Mailtraq) LURHQ: Adventures of an Open Proxy Server SORBS Proxy Info The Open Proxy Problem - PDF Open Web Proxies on the Cornell University Network	CERT-150227 BID-4131
4D WebStar	4D WebSTAR & 4D Mail Documentation
AnalogX	Here is an extract from the readme file that came with AnalogX 4.14: By default the proxy binds to all TCP/IP interfaces... it will service requests from the Internet... You can force Proxy to only bind to your local IP address in the Configuration menu... if a valid [local] TCP/IP address is entered, the proxy will ONLY bind to that [and] the proxy will only talk to machines that connect to...your local network. That explains why there are so many open AnalogX proxies. Contact the author for any additional support you require.
Apache Module mod_proxy	Controlling access to your proxy (2.1) Controlling access to your proxy (2.0) Controlling access to your proxy	XFDB-12681
BadBlue Personal Edition 2.5 and earlier	BadBlue Unauthorized Proxy Vulnerability	BID-11030 XFDB-16974 SA-12279
CacheFlow aka Blue Coat Systems CacheOS	CacheFlow CacheOS HTTP CONNECT TCP Tunnel Vulnerability	BID-4143 XFDB-13307
Cisco Transparent Cache Engine and Content Engine	Transparent Cache Engine and Content Engine TCP Relay Vulnerability	CVE-2002-0778
Compaq web-enabled management software	Compaq web-enabled management software acts as generic proxy	CERT-991240 BID-2500 XFDB-6264
ComSocks	ComTun Version 4.00/4.00a Help Manual
FreeProxy	FreeProxy Resource Security
Gordano Proxy Server	Configuring the Web Proxy Server
Junkbuster	Internet Junkbuster proxy allows unauthorized connections	BID-6471 XFDB-10934
MondoSearch	MondoSearch may be used as a proxy to access third party websites	BID-10034 XFDB-15718 SA-11279
Nokia Electronic Documentation (NED) 5.x	Nokia Electronic Documentation – Multiple Vulnerabilities	CVE-2003-0803 XFDB-13189 SA-9740
NTMail 5.x	NTMail 5.x Contains an Open Proxy	CVE-2000-0416 XFDB-4815
Proxy+ [Plus]	Secure Proxy+ Settings
RiSearch show.pl	RiSearch show.pl Open Proxy Relay	OSVDB-8265 BID-10812 XFDB-16817 SA-12173
Squid	Squid Access Controls
Trend InterScan VirusWall for UNIX 3.x	InterScan VirusWall for UNIX (ISUX) is relaying SMTP command via HTTP methods
Wingate	Binding Proxy Services to Interfaces
Wingate 2.x	Securing a Wingate Proxy server	CVE-1999-0291
WinProxy	WinProxy System Configuration
WinRoute Pro	How can I control Internet connectivity for my network through WinRoute?
Venturi Client	Venturi Client can be used as an open proxy	CVE-2003-0316 SA-8820

everything you didn't want to have to know about spam

Hosted by spam.abuse.net, with help from Neil Schwartzman. Domain registration by Gregg DesElms. Logo by Art101.

This work is licensed under a Creative Commons License. SPAM is a trademark of Hormel Foods.
Page last updated: 24-Jan-2006