Solved

How to protect my proxy server

Posted on 2006-11-19
Last Modified: 2010-04-20
I'm using a proxy server written for Tomcat on Fedora 4. This morning I noticed strange activity coming from a Chinese address in my log files. Is there any simple way to protect against abuse without modifying the proxy server?
Question by:JPERKS1985
13 Comments
 
LVL 16

Expert Comment

by:xDamox
ID: 17976066
Hi,

I would suggest you look into iptables. You could try:

iptables -A INPUT -s 207.46.98.0/24 -j DROP

Replace the 207.46.98.0 IP with the offending IP.
0
 
LVL 1

Author Comment

by:JPERKS1985
ID: 17976070
It was a Chinese proxy, I believe. Any way to set a list of IPs with permission?
0
 
LVL 16

Expert Comment

by:xDamox
ID: 17976127
Hi,

Yeah, you can drop all outside connections and only allow internal connections with iptables.
0
 
LVL 1

Author Comment

by:JPERKS1985
ID: 17976304
How do I block every IP except one?
0
 
LVL 1

Author Comment

by:JPERKS1985
ID: 17976307
Or allow only one certain IP address to access port 8080?
0
 
LVL 48

Expert Comment

by:Tintin
ID: 17976551
What proxy are you running?

If it is Squid, then you should edit squid.conf and set appropriate ACLs for your environment.
0
 
LVL 1

Author Comment

by:JPERKS1985
ID: 17976766
It's a custom proxy.
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17977409
Why not create an ACL for your intranet with the following in /etc/squid/squid.conf or whatever conf file:

*******************
TAG:  acl intranet 10.10.10.0/255.255.255.0

http_access allow intranet

*******************

That should take care of only the intranet using the internet proxy. You might want to look at other protocols as well before curtailing only HTTP access.

goutham
0
 
LVL 1

Author Comment

by:JPERKS1985
ID: 17981256
it has to allow for people outside of the local network. But I will have the IPs of those people.
0
 
LVL 10

Expert Comment

by:ssvl
ID: 17987890
Add their IP to the ACL too.

Do it like this:

acl outside <ip>

http_access allow outside

0
 
LVL 10

Expert Comment

by:ssvl
ID: 17987919
And you need to add src before the IP.

The syntax is:

        acl aclname src ip-address/netmask

For example:

Define an ACL that corresponds to your clients' IP addresses.

        acl myclients src 172.16.5.0/24

Next, allow those clients in the http_access list:

        http_access allow myclients



http://www.visolve.com/squid/squid24s1/access_controls.php
http://www.squid-cache.org/Doc/FAQ/FAQ-10.html
0
 
LVL 48

Expert Comment

by:Tintin
ID: 17989798
Please note that JPERKS1985 has said it is a custom proxy NOT a squid proxy, so all these squid ACL suggestions aren't going to help.
0
 
LVL 1

Accepted Solution

by:
mymymac earned 500 total points
ID: 18059153
If you are running a GUI, grab Firestarter from http://www.fs-security.com/ and you will have a GUI firewall using iptables. From it you can configure what to accept and deny, as well as sharing the internet connection.
0
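
The rule set the asker describes (only listed addresses may reach port 8080, everyone else is dropped), as an added example that does not come from any poster in this thread. The chain name PROXY_ALLOW and the sample addresses are assumptions; the script only prints iptables commands and applies nothing.

```shell
#!/bin/sh
# Added example: print (not apply) iptables commands that let only listed
# sources reach the proxy port. Review the output, then pipe it to sh as root.
PROXY_PORT=8080      # port named in the thread
CHAIN=PROXY_ALLOW    # hypothetical chain name

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%/*}
    if [ "$addr" != "$1" ]; then
        prefix=${1#*/}
        case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
        [ "$prefix" -le 32 ] || return 1
    fi
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Emit the rule set for the allowlist passed as arguments. Any bad entry, or an
# empty list (which would lock everyone out), aborts before a rule is printed.
gen_rules() {
    [ $# -gt 0 ] || { echo "refusing empty allowlist" >&2; return 1; }
    for src in "$@"; do
        valid_ipv4 "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    echo "iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN"
    for src in "$@"; do
        echo "iptables -A $CHAIN -s $src -j ACCEPT"
    done
    echo "iptables -A $CHAIN -j DROP"    # everyone not listed above
    # Remove any earlier jump, then send all traffic for the port to the chain.
    echo "iptables -D INPUT -p tcp --dport $PROXY_PORT -j $CHAIN 2>/dev/null"
    echo "iptables -I INPUT -p tcp --dport $PROXY_PORT -j $CHAIN"
}

# Constructed sample allowlist (documentation address ranges).
gen_rules 203.0.113.10 198.51.100.0/28
```

Because the filtering happens in the kernel before the connection reaches Tomcat, the custom proxy itself needs no changes. Rules added this way last until reboot unless they are saved with the distribution's iptables save mechanism.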

Question has a verified solution.
