[LARTC] Detecting Request from a proxy server

[LARTC] Detecting Request from a proxy server

[Deepak Singhal]

[-- Attachment #1: Type: text/plain, Size: 292 bytes --]

Hi All,

Can i somehow detect traffic which is coming from a proxy/masquerading server in my lan to my linux gateway server.

I wish to block requests coming from a proxy server in my network ie. no body should be able to use a proxy server in my network.


Thanxs 

Deepak Singhal

[-- Attachment #2: Type: text/html, Size: 1029 bytes --]

Re: [LARTC] Detecting Request from a proxy server

[bert hubert]

On Tue, Mar 05, 2002 at 11:40:53AM +0530, Deepak Singhal wrote:
> Hi All,
> 
> Can i somehow detect traffic which is coming from a proxy/masquerading
> server in my lan to my linux gateway server.

Up to a point. Proxy servers typically include an 'X-Forwarded-For' header.
With the right iptables tricky (the 'string match') woul would be able to
block such traffic.

Masqueraded traffic can *sometimes* be recognized by the port number, but
not always, and such numbers van be changed.

In my experience it almost never helps to try to enforce your policy
electronically. You may be better of telling people not to use proxy
servers. 

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
http://www.tk                              the dot in .tk
http://lartc.org           Linux Advanced Routing & Traffic Control HOWTO
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Detecting Request from a proxy server

[Milan Pavlovic]

  Certainly you can, but you should be more specific about the topology 
(IP addresses) of your network... And what do you want to do with proxy 
server in your LAN that is forbidden to use for everyone. Maybe you need 
some kind of (proxy) authorization?

Deepak Singhal wrote:

> Hi All,
>
>  
>
> Can i somehow detect traffic which is coming from a proxy/masquerading 
> server in my lan to my linux gateway server.
>
>  
>
> I wish to block requests coming from a proxy server in my network ie. 
> no body should be able to use a proxy server in my network.
>
>  
>
>  
>
> Thanxs
>
>  
>
> Deepak Singhal
>



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Detecting Request from a proxy server

[Michael T. Babcock]

A "good" proxy server is usually configurable to look just like an original requestor.

On Tue, Mar 05, 2002 at 11:40:53AM +0530, Deepak Singhal wrote:
> Can i somehow detect traffic which is coming from a 
> proxy/masquerading server in my lan to my linux gateway server.

Masquerading can be detected by source port unless the user has 
reconfigured their machine (and only if the machine is Linux).

> I wish to block requests coming from a proxy server in my network ie. 
> no body should be able to use a proxy server in my network.

May I ask why?
-- 
Michael T. Babcock
CTO, FibreSpeed Ltd.     (Hosting, Security, Consultation, Database, etc)
http://www.fibrespeed.net/~mbabcock/
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Detecting Request from a proxy server

[Arindam Haldar]

Message: 4
Date: Tue, 5 Mar 2002 09:12:39 -0500
From: "Michael T. Babcock" <mbabcock@fibrespeed.net>
To: LARTC List <lartc@mailman.ds9a.nl>
Subject: Re: [LARTC] Detecting Request from a proxy server

A "good" proxy server is usually configurable to look just like an 
original requestor.

On Tue, Mar 05, 2002 at 11:40:53AM +0530, Deepak Singhal wrote:

 > Can i somehow detect traffic which is coming from a
 > proxy/masquerading server in my lan to my linux gateway server.


Masquerading can be detected by source port unless the user has
reconfigured their machine (and only if the machine is Linux).


 > I wish to block requests coming from a proxy server in my network ie.
 > no body should be able to use a proxy server in my network.


May I ask why?
-- Michael T. Babcock CTO, FibreSpeed Ltd. (Hosting, Security, 
Consultation, Database, etc) http://www.fibrespeed.net/~mbabcock/



havent used anytime but iplimit might help ???


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] Detecting Request from a proxy server

[Deepak Singhal]

> A "good" proxy server is usually configurable to look just like an
original requestor.
>
> On Tue, Mar 05, 2002 at 11:40:53AM +0530, Deepak Singhal wrote:
> > Can i somehow detect traffic which is coming from a
> > proxy/masquerading server in my lan to my linux gateway server.
>
> Masquerading can be detected by source port unless the user has
> reconfigured their machine (and only if the machine is Linux).
>
> > I wish to block requests coming from a proxy server in my network ie.
> > no body should be able to use a proxy server in my network.
>
> May I ask why?

I want to implement this so that only one machine should be able to use
internet (the machine which I hv configured to use internet ) and not others
which may be behind it. With the implementaion of iptables/ipchains policy
on my gateway i am able to define that only that machine can use internet
and not others but the user on that m/c can load some proxy on his machine
and allow other also to use internet, which i want to block .

Regards

Deepak Singhal


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/