Brian Steele wrote:>
>Mnemonix' version will work only under certain circumstances (no packet
filtering on a
>Proxy Server connected to the Internet? - duh!).
Hi,
I'd like to point out this is not the only circumstance when MS-Proxy 2 (see
http://www.infowar.co.uk/mnemonix/proxy.htm ) is vulnerable.
You can have packet filtering enabled but if you use the underlying Internet
Informatuon Server to publish web pages to the Internet you must allow
incoming HTTP requests over TCP port 80. You can block all other incoming
and still be broken into if you allow this traffic to reach the Proxy.
Cheers,
David Litchfield
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
