-------- From academic-firewalls-owner@net.tamu.edu Sun Nov 26 13:55:48 1995 Organization: Auckland Institute of Technology X-Mailer: Pegasus Mail for Windows (v2.10) Date: Mon, 27 Nov 1995 08:49:26 GMT+1200 From: "Lenny Bielski" Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: Re: academic-firewalls Digest - Friday, November 24, 1995 Doug Hughes wrote: > At its simplest, the proxy just changes the source and forwards the query > on to the destination, and vice-versa with the reply. However, you could > setup a proxy to do other things special to the packet if you wanted to. Thanks Doug. As the Application gateways changes the source field of the packet, how does the gateway keep track of what proxy client belongs to a particular user? Also where do, proxy sockets come into play? Gabagabagaba, if we can dream it, we can build it. Comeon what are we waiting for. - -------------------------- Email: lbielski@ait.ac.nz Network Adminstrator/Postmaster Auckland Institute of Technology Web page: http://www.ait.ac.nz/~lbielski Talkd: lenny@hades.ait.ac.nz Phone: +64 9 3079999 Ext 8054 Fax: +64 9 3079901 -------- From academic-firewalls-owner@net.tamu.edu Sun Nov 26 14:15:05 1995 In-Reply-To: <2B8B5154C4@centre.ait.ac.nz> Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Date: Sun, 26 Nov 1995 14:08:50 -0600 (CST) From: Doug Hughes Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: Re: academic-firewalls Digest - Friday, November 24, 1995 On Mon, 27 Nov 1995, Lenny Bielski wrote: > Doug Hughes wrote: > > > At its simplest, the proxy just changes the source and forwards the query > > on to the destination, and vice-versa with the reply. However, you could > > setup a proxy to do other things special to the packet if you wanted to. > > Thanks Doug. > As the Application gateways changes the source field of the packet, > how does the gateway keep track of what proxy client belongs to a > particular user? Also where do, proxy sockets come into play? > This is often implemtation specific and depends on the proxy being used and the application/protocol being proxied. You might want to hunt down the source code for 'socks' to see how it works. Also, the httpd process included proxy capability and is a good place to look. As an example, a proxy for http could accept a connection on port 80, open up a separate TCP/IP port to the URL in question, send the query, wait for response, and then reply back to the original sender, all in a process that forked off the original process listening on port 80. After sending the reply, it would close off the connections and exit. The parent would still be accepting subsequent connections. This is an inefficient implementation, but serves as an illustration. It could also be all in one process in the case of TCP/IP because each connection is self identifying. UDP, because the connections are not connection oriented, are more difficult. It doesn't keep track of users so much as it keeps track of host/source port - host/destination port connections. In a fork and serve model, it's much easier to understand. ____________________________________________________________________________ Doug Hughes Engineering Network Services System/Net Admin Auburn University doug@eng.auburn.edu Pro is to Con as progress is to congress -------- From academic-firewalls-owner@net.tamu.edu Sun Nov 26 16:26:59 1995 X-Mailer: Mail*Link SMTP-MS 3.0.2 Apparently-To: Date: 26 Nov 1995 10:40:16 -0800 From: "SMTP Bridge Server" Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: Undeliverable Mail Unknown Microsoft mail form. Approximate representation follows. Message: Re: PROXY's Question the Datagram Sent: Sat, Nov 25, 1995 10:30 AM To: Kung, Kenneth C On Server: 618 1LFIN Date: Sun, Nov 26, 1995 10:40 AM Reason: Could not be delivered because the destination Microsoft Mail server could not be found. -------- From academic-firewalls-owner@net.tamu.edu Sun Nov 26 17:09:10 1995 X-Mailer: Mail*Link SMTP-MS 3.0.2 Apparently-To: Date: 26 Nov 1995 15:03:44 -0800 From: "SMTP Bridge Server" Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: Undeliverable Mail Unknown Microsoft mail form. Approximate representation follows. Message: Re: PROXY's Question the Datagram Sent: Sat, Nov 25, 1995 2:46 PM To: Kung, Kenneth C On Server: 618 1LFIN Date: Sun, Nov 26, 1995 3:03 PM Reason: Could not be delivered because the destination Microsoft Mail server could not be found. -------- From academic-firewalls-owner@net.tamu.edu Mon Nov 27 05:26:03 1995 X-Mailer: ELM [version 2.4 PL20] Content-Type: text Date: Mon, 27 Nov 1995 11:20:52 +0000 (GMT) From: J.Darling@surrey.ac.uk Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: unsubscribe academic-firewalls unsubscribe academic-firewalls -------- From academic-firewalls-owner@net.tamu.edu Sat Dec 2 22:55:46 1995 X-Sender: swift@tamiya.llnl.gov Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Cc: academic-firewalls@net.tamu.edu, ids@uow.edu.au, Date: Sat, 2 Dec 1995 20:50:51 -0800 From: "Alexander O. Yuriev" (by way of uncl@llnl.gov) Reply-To: academic-firewalls@net.tamu.edu To: academic-firewalls@net.tamu.edu Subject: BoS: EMERGENCY LINUX SECURITY FAQ UPDATE: PGP KEY COMPROMISE - -----BEGIN PGP SIGNED MESSAGE----- ONE OF LINUX SECURITY FAQ PGP KEYS HAD BEEN COMPROMISED. EMERGENCY LINUX SECURITY FAQ UPDATE 22:13:07 EST Copyright (C) 1995 Alexander O. Yuriev (alex@bach.cis.temple.edu) CIS Laboratories TEMPLE UNIVERSITY U.S.A. ============================================================================= This is an official update of the Linux security FAQ, and it is supposed to be signed by one of the following PGP keys: 1024/EFE347AD 1995/02/17 Olaf Kirch 1024/ADF3EE95 1995/06/08 Linux Security FAQ Primary Key Unless you are able to verify at least one of signatures, please be very careful when following instructions. Linux Security WWW: http://bach.cis.temple.edu/pub/linux/linux-security ============================================================================= Jeff Uphoff , co-moderator of linux-security and linux-alert mailing lists had issued a key revocation certificate for the the PGP key pub 1024/544C7805 1994/07/17 which could be used to sign Linux Security FAQ Updates or other security related information. From Nov 29, 1995 21:22:07 EST everything signed or encrypted using this key is considered to be compromised. Please notify Alexander O. Yuriev , Olaf Kirch using PGP encrypted email if you receive compromised information. The PGP public keys of people involved in Linux security will be available from the following URL: ftp://bach.cis.temple.edu/pub/Linux/Security/PGP-KEYS.pgp When Jeff Uphoff's new key will be available, it will be added to the the PGP-KEYS.pgp. Please avoid emailing sensitive information to Jeff Uphoff in the non-encrypted form. As the result of the attack NRAO is not directly connected to Internet. We are working on creating an emergency replacement archive for linux-security and linux-alert mailing lists, as well as a backup system to handle the mailing list while NRAO is being cleaned. The following is the extract from message sent by Jeff Uphoff: **************************************************************************** - - From juphoff@tarsier.cv.nrao.eduWed Nov 29 21:06:25 1995 Date: Wed, 29 Nov 1995 20:47:01 -0500 From: Jeff Uphoff To: alex%bach.cis.temple.edu@nrao.edu Subject: PGP key compromise. [I'm sending this to the people on my key-ring, i.e. those with which I occasionally or frequently exchange PGP encrypted e-mail.] Both my PGP key-ring (possible) and my pass-phrase (definite) have been compromised. Attached to this message is a key-revocation certificate. Please pass it on to as many people as you can think of that might have my current key. I cannot sign this message with a recognizable key now, but the block speaks for itself once you feed it through PGP. Robert Millner can verify the compromise by telephone at 540-961-4321, as can I at 804-296-0208. Details of the compromise will be released later to those interested parties that have not been following this particular series of events. (The U.S. FBI is now involved.) NRAO headquarters is no longer interactively reachable from the Internet, though we are exchanging e-mail as long as we can safely maintain the link. - - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAi4pfSsAAAEEAORGNqXZcyNyOiX90Da8pGpNRs1dYPOc+m8MUfxwXWDEPo7J 6MMVZMhKccFeCvGBaVaM8xJ3RrmbQVpVzJlr+FT1UHIvUHNKbWt882HqPOT/Zj6n Zuegs28W9fPdsn4Zpkh52EjPuaMaVGfEe2/J3OhusscFn4CRMbxzFUpUTHgFAAUR iQCVAwUgML0F2bxzFUpUTHgFAQFr/QP/WdLFrOdE59joeUrfMJdx//9raITsngFY NOHfrqNKIpNxT/pgJKZfYdLEk7YewaLUvEqjtgWMScU3TWfppbZzffrwh1KekMmW zhEU78O86NEa3Jl2vBgLnK3UrFSBB38ksjNrqSUu+G5QDoyur2iiF/sMa9S+c+ba ep+fqSkBUBi0JEplZmZyZXkgQS4gVXBob2ZmIDxqdXBob2ZmQG5yYW8uZWR1PokA lQMFEDC7GdGMRVM9rfPulQEBCt4D/jaE8QHrMtla0pdV1J2NSN9P0QPWyWalTe5P oENffVpvykTCuiOD9yb6Jy4sHPhmBsEgrXpU4OKWH9T9DWDEFI0UIoLo7IvO8kJ8 cwPB8fayXhslOA4Un/8fx3iDxOR8uFJxdr1F8Ga0q6XGfsQ2Ou07oBK3z8oqr5Wx soZbTj6MiQCVAwUQMLsY850afeTWLUSJAQET6AP+M/Ap8MzXwzD1BZ6rVU4TO5zN Rxgqw+7lhVX+BKhR2GAbh5/htqTiZAsD2vSBJakGT7esk4dUaGQCPUCm/n/3rqm6 PWX/dDKEtzAEebCHcD+qRyOQFmKAW5BUPHWW1lmt6xn/kSIPq7XHjz6B43RZWGsB hQ9EIZUCNZIxo+ZLXzCJAJUCBRAvRxH14WdUde/jR60BATZhBADQCYztGmrnTFYQ hual0Vf0Q26D7+bnYWU4mS1RzfQcd5OME1RBwN5wMcSZop9FNXqYnDI5Rz+3kH5l KmaW7dPCJiqPu17EBJ+a12pwhJyqoMSXwIOejYHzb3gGt+xDmL/WtiozVwXSLW1N At03Cx6h3HaWe/y3lGsrJk6YtdMcqYkAlQMFEC6lcClqKWzjEbfWeQEBpmsD/RGv bsFfjw7yVJWeyk1YwtoAlbeHvPX7+Rk+sgZXM8Zv9Kb4iKn5nYMkpnQlskLLVclW 3sYcvD81dhJgTirAykekeNsX/Ut5gR8zC9e/eAr2VtfzzqmdMazLmB+V/6B5TQ+Q SCsenf9z1oVWxsRxPfgITH3gGoR3ic4pAL8ECMb9iQCVAwUQLo3C0mGddyp8Ve4F AQGBTwQAxnEi1udeO193kNqBGk2rgZZUmzpW4iR8FpHcAkvXZIrkph2mPsb6nE1J 1Z3LTMgu1RvJAiXmiCDbvLGd0mMIuZpYDmbwigXwF3FWJ3vcnCeZJdMIotFzLpjJ 3XFpiL3qxW0SsD18i6FOKlXSwFWjRwLhKu15y0NFbvgtjnGU/NyJAJUCBRAuQQdf QJYyJ+SHEeUBASUkA/9oVOSU22auv5UwdBCUIH6xJawjv5rq8OjfAmmKPgMYQW/G UE49Q0OG3EWy9X27VBJNVY9UJI45Tabr71ilxHq6GDrkky0CS1yXk/b3kw4i/slI fvwhcOJFIgvKfyW3Z/pfkdEcCaifPazt2r4styS0Q6EZjmEJVUo5UcIgn9UA3okA lQIFEC4qwqC8cxVKVEx4BQEB13ED/1+LS4AuKZLW2jud4mrEPbHeW5VZ90bjQDWK 5TD0Bb2q6IzEUwH2E75i0TnTXhZKjKtro96q7EW6qoFpvZQ0d0a2o5ydAyb8SERW ZzaNhFCWS6+I0BpW9nG2X/YfUESoHUzITa2KGjEaZyUa1Qn2Px+iy//FET61imy8 R6HzvW6TiQCVAgUQLiq/EJ7VmOXAmG3tAQH/dgP+P0MiEdfjdwGG3grzSeGxQVT1 0ZGKwxUW8MnekblHqAeTXq9gzOtiLho7zrJrFFwHbcc9zL6ZzzVEcHrZM9lcR3Ey ZvtyYtmnvJIl/kIh2Yr/l5H0sXImw2Ik31or4kNHpOtf0HYaieUIwW/GuV7S0LV4 2FRkPiXD9SXwxYDfeGi0KUplZmZyZXkgQS4gVXBob2ZmIDxqZWZmLnVwaG9mZkBs aW51eC5vcmc+ =SL0I - - -----END PGP PUBLIC KEY BLOCK----- ***************************************************************** - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBML0bT4xFUz2t8+6VAQHFBgP+Pf19mAJhh0zM8OhctpN4NyewjjHlhj9b kbVpbOwTpVGWqMEKTNCj6qP+Wl9cbp910WAOxsWrLN6G1u35tBQ95SWjKz8bhLup D/U3VMyc1TNgsYwRoQhjMVkl3g9+mzpXIyqmVGUANLPVtTbxBe3lJlyXpvBU8iwd VnG4+bF31EU= =tYmz - -----END PGP SIGNATURE----- ============================================================================ Alexander O. Yuriev Email: alex@bach.cis.temple.edu CIS Labs, TEMPLE UNIVERSITY WWW: http://bach.cis.temple.edu/personal/alex Philadelphia, PA, USA KeyID: 1024/D62D4489 Key Fingerprint: AE84534377CCC4E2 37B13C4D8CD3D501 Unless otherwise stated, everything above is my personal opinion and not an opinion of any organisation affiliated with me. =============================================================================