New security features in the new
version of Proxy+ 2.40
New version of Proxy+ 2.40 was released in May 2000. This version offers many new
features and improvements. This article contains a list of security related enhancements:
- Insecure interface list
This new feature allows to create a list of dangerous interfaces. Each request which came
through insecure is denied (if the Security/General/Use insecure interfaces option isn't
disabled).
- automatic creation of Insecure
interfaces list
Proxy+ tries to find all
insecure interface automatically. If the Proxy+ connects to the Internet using dial up networking (switched phone
line) the modem is treated as insecure interface. If Proxy+ is configured to work on Lease Line the routing table is examined
to find interfaces with default gateway assigned. All default gateway interfaces are added
into insecure interface list. Because routing table related routines are not supported on
Windows 95 systems and Windows NT with Service Pack older than 4 the detection routine
will fail on these operating systems.
- the Security violation logfile enabled
by default
- most of services disabled by default
New installations of Proxy+ are
more secure. There is no Telnet Gateway or SOCKS server enabled by default. User have to
enable the service if he want to use it.
Note: If the Proxy+ is
improperly configured (not secured) the Telnet gateway or SOCKS server can be used by
hacker to attack another server using your IP address (your IP address appears in the
server's logfile so the hacker has anonymous access to the server).
- a message is written into ProxyLog.TXT
logfile eachtime the log files are cleared
The logfile name and user IP is logged into ProxyLog.TXT whenever any logfile is cleared.
Related links:
Art04127 - How
to configure P+ to be more secure (ver 2.40)
Art04126 - How to restrict mail relaying - example
Art00911 - Secure Interfaces example
Art00912 - Security settings (secure clients example)
Art02000 - How to access the WWW Admin interface when the password is lost
Art00909 - Access List samples