?
Solved

Windows 2003 Server a Proxy without me knowing how

Posted on 2008-06-18
4
Medium Priority
?
217 Views
Last Modified: 2013-12-23
I ran nessus and it found the following vulnerability:
Synopsis: The proxy allows the users to perform CONNECT requests like CONNECT http://cvs.nessus.org:23/

This request give to the person who make it the ability
to have an interactive session.
This problem may allow attackers to go through your
firewall, by connecting to sensitive ports like 23 (telnet)
using your proxy, or it can allow internal users to bypass the firewall
rules and connect to ports they should not be allowed to.

Solution reconfigure your proxy so that it refuses CONNECT requests.

Risk Factor : High

How can I make the configuration shange suggestted in the solution or all together turn off this proxy?
0
Comment
Question by:LanceJohnson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 37

Expert Comment

by:bbao
ID: 21827311
humm.... do you have Telnet service enabled on your W2K3 box?

just run NET START to see if TELNET is there.
0
 

Author Comment

by:LanceJohnson
ID: 21842689
I will check on Monday
0
 

Author Comment

by:LanceJohnson
ID: 21965689
Telnet service is enabled
0
 
LVL 37

Accepted Solution

by:
bbao earned 1500 total points
ID: 21971193
that's why you could get this kind of warnings?

if you don't need TELNET, just remove this service from Control Panel | Installed Programs.

hope it helps,
bbao
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month9 days, 7 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question