• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 223
  • Last Modified:

Windows 2003 Server a Proxy without me knowing how

I ran nessus and it found the following vulnerability:
Synopsis: The proxy allows the users to perform CONNECT requests like CONNECT http://cvs.nessus.org:23/

This request give to the person who make it the ability
to have an interactive session.
This problem may allow attackers to go through your
firewall, by connecting to sensitive ports like 23 (telnet)
using your proxy, or it can allow internal users to bypass the firewall
rules and connect to ports they should not be allowed to.

Solution reconfigure your proxy so that it refuses CONNECT requests.

Risk Factor : High

How can I make the configuration shange suggestted in the solution or all together turn off this proxy?
  • 2
  • 2
1 Solution
bbaoIT ConsultantCommented:
humm.... do you have Telnet service enabled on your W2K3 box?

just run NET START to see if TELNET is there.
LanceJohnsonAuthor Commented:
I will check on Monday
LanceJohnsonAuthor Commented:
Telnet service is enabled
bbaoIT ConsultantCommented:
that's why you could get this kind of warnings?

if you don't need TELNET, just remove this service from Control Panel | Installed Programs.

hope it helps,
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now