ietf-asrg

RE: [Asrg] News Article - FTC targeting open relays

2003-05-17 06:50:38
From: "Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com>

...
The way I am hearing open proxy used it is to indicate web form mail. Is
anyone seeing it used in any other way?

As Steve Atkins said, "open proxy" does not refer to the abuse of
"web forms." See http://www.google.com/search?q=%22open+proxy%22+spam
or http://www.google.com/search?q=%22open+proxy%22+spam+pc including
http://www.ftc.gov/bcp/conline/pubs/buspubs/openrelay.htm and
http://news.zdnet.co.uk/story/0,,t269-s2122679,00.html

"Formail" is the common tag for the abuse of "web forms," "CGI scripts,"
or programs intended to collect comments via web pages.  The comments
are collected with an ordinary HTTP form and then mailed to the owner
of the web page by the script or program.  "Formail" comes from the
name of a popular and badly designed and written implementation of
the idea that lets a savvy web user tell the script to send the comments
to an arbitrary mail address.

In spam circles, the phrase "open proxy" refers to a SOCKS, HTTP, or
other TCP "proxy" or form of ALG or application level gateway, by
analogy to "open SMTP relay" or "open relay."  Such proxies accept
TCP connections from clients, and then based on some chatter, open a
second TCP connection to a second TCP server.  After opening the second
connection, the proxy translucently gateways bits between the client
and the second server.  Depending on the protocol being "proxied" or
on the second TCP server, the proxy must modify some of the bits.
For example, IP addresses in FTP commands must be changed.  Ten years
ago, SOCKS proxies (see RFC 1928) became popular for allowing hosts
inside a firewall on corporate networks to reach hosts outside on the
Internet.  The proxy software usually runs on a firewall or other
system visible to both the Internet and its clients.

When the proxy is properly implemented and configured, the proxy honors
requests from only authorized clients.  Authorization is commonly
determined by the IP address of the client, but can involve passwords
and so forth.  When the proxy answers arbitrary clients, it is "open."

Many SOCKS proxies are not properly implemented and configured.  Worse,
there is some sort of freeware proxy for PCs that is reportedly
configured by default as an open proxy.  The provider of this software
has refused to change the defaults.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
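
Added example, not part of the original message or of any proxy implementation it mentions: a sketch of the authorization decision described above, where a SOCKS5 (RFC 1928) proxy checks the client's IP address before honoring a request. The function names, the allowlists and the sample request bytes are constructed for illustration.

```python
import ipaddress
import struct

# Reply (REP) codes defined in RFC 1928
REP_OK, REP_NOT_ALLOWED, REP_CMD_UNSUPPORTED, REP_ATYP_UNSUPPORTED = 0x00, 0x02, 0x07, 0x08
CMD_CONNECT = 0x01

def parse_request(data: bytes):
    """Parse a SOCKS5 request: VER CMD RSV ATYP DST.ADDR DST.PORT."""
    if len(data) < 5:
        raise ValueError("truncated request")
    ver, cmd, rsv, atyp = data[:4]
    if ver != 5 or rsv != 0:
        raise ValueError("not a SOCKS5 request")
    if atyp == 0x01:            # IPv4 address, 4 bytes
        alen, off = 4, 4
    elif atyp == 0x04:          # IPv6 address, 16 bytes
        alen, off = 16, 4
    elif atyp == 0x03:          # domain name, one length byte then the name
        alen, off = data[4], 5
    else:
        return cmd, atyp, None, None
    if len(data) != off + alen + 2:
        raise ValueError("bad request length")
    raw = data[off:off + alen]
    host = raw.decode("ascii") if atyp == 0x03 else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", data[off + alen:])
    return cmd, atyp, host, port

def reply_code(client_ip: str, request: bytes, allowed_nets) -> int:
    """REP code to send; the second TCP connection is opened only on REP_OK."""
    client = ipaddress.ip_address(client_ip)
    # Authorize the client before looking at what it asked for.
    if not any(client in ipaddress.ip_network(n) for n in allowed_nets):
        return REP_NOT_ALLOWED
    cmd, atyp, host, port = parse_request(request)
    if host is None:
        return REP_ATYP_UNSUPPORTED
    if cmd != CMD_CONNECT:
        return REP_CMD_UNSUPPORTED
    return REP_OK

# Constructed sample: CONNECT to 192.0.2.25 port 25 (documentation address).
SAMPLE_REQUEST = bytes([5, 1, 0, 1, 192, 0, 2, 25]) + struct.pack("!H", 25)
CLOSED = ["10.0.0.0/8"]          # only inside clients are authorized
OPEN = ["0.0.0.0/0", "::/0"]     # answers arbitrary clients: an "open" proxy

if __name__ == "__main__":
    for name, acl in (("closed", CLOSED), ("open", OPEN)):
        for client in ("10.1.2.3", "203.0.113.9"):
            print(name, client, hex(reply_code(client, SAMPLE_REQUEST, acl)))
```

The only difference between the two configurations is the allowlist: with `OPEN`, the outside client at 203.0.113.9 gets the same success reply as an inside host.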