Deletions are marked like this. | Additions are marked like this. |
Line 3: | Line 3: |
[[TableOfContents]] | <<TableOfContents>> |
Line 11: | Line 11: |
* [http://iheavy.com/node/14 Tracking the Wily Proxy Hackers] describes the exact situation in which I found myself. The solution mentioned there, totally disabling the proxy capability, is what I've done for a temporary solution. Long term, I really want to figure out how to control the proxy capability, rather than nuke it altogether. * [http://spamlinks.net/prevent-secure-proxy-fix.htm Securing open proxies] * [http://www.apacheweek.com/issues/03-07-25#security Apache 1.3.28 release notes] describe the problem with respect to the Apache 1 releases, but I'm running Apache 2. |
* [[http://iheavy.com/node/14|Tracking the Wily Proxy Hackers]] describes the exact situation in which I found myself. The solution mentioned there, totally disabling the proxy capability, is what I've done for a temporary solution. Long term, I really want to figure out how to control the proxy capability, rather than nuke it altogether. * [[http://spamlinks.net/prevent-secure-proxy-fix.htm|Securing open proxies]] * [[http://www.apacheweek.com/issues/03-07-25#security|Apache 1.3.28 release notes]] describe the problem with respect to the Apache 1 releases, but I'm running Apache 2. |
Line 16: | Line 16: |
* [http://www.cmsconnect.com/blm/blmonitor.htm BL-Monitor] is a free visual tool to analyze DNSBL response times and effectiveness for the DNSBL servers you use. * [http://www.trustedsource.org/ TrustedSource] checks the reputation of an email sender. |
* [[http://www.cmsconnect.com/blm/blmonitor.htm|BL-Monitor]] is a free visual tool to analyze DNSBL response times and effectiveness for the DNSBL servers you use. * [[http://www.trustedsource.org/|TrustedSource]] checks the reputation of an email sender. |
Line 20: | Line 20: |
* [http://www.emailbattles.com/archive/battles/vuln_aachdjbifd_ff/ Top 5 Open Proxy Ports & How To Fix Them] | * [[http://www.emailbattles.com/archive/battles/vuln_aachdjbifd_ff/|Top 5 Open Proxy Ports & How To Fix Them]] |
I may be an excellent software developer, but I'm a mediocre system administrator. Some of the stuff here may be obvious to the experienced, but I need the reminders and cheat sheets. Also, I want to record some of the lessons I've learned along the way.
General Security Links
Apache Proxy used as an Open Mail Relay by spammers
I've completely disabled the proxy capabilities in Apache until I can figure out how to properly close this vulnerability. As I research this, here are some links I've found interesting:
Tracking the Wily Proxy Hackers describes the exact situation in which I found myself. The solution mentioned there, totally disabling the proxy capability, is what I've done as a temporary solution. Long term, I really want to figure out how to control the proxy capability, rather than nuke it altogether.
Apache 1.3.28 release notes describe the problem with respect to the Apache 1 releases, but I'm running Apache 2.
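For reference, an added configuration sketch (not taken from this page or the linked articles) that shows an open forward proxy beside two closed variants. It assumes Apache 2.4 access-control syntax with mod_proxy, mod_proxy_http and mod_proxy_connect loaded; Apache 2.0/2.2 use Order/Deny/Allow instead of Require. The network 192.0.2.0/24 and the host backend.internal.example are placeholders.

```apache
# Added example. Assumes Apache 2.4; addresses and hostnames are placeholders.

# --- Weak: open forward proxy (shown commented out) -------------------
# Any client on the Internet may ask the server to fetch or tunnel
# to any destination on its behalf.
#
#   ProxyRequests On
#   <Proxy "*">
#       Require all granted
#   </Proxy>

# --- Closed, variant A: no forward proxying at all --------------------
# This is the "disable the proxy capability" state. It turns off
# forward-proxy requests only; ProxyPass (reverse proxy) is unaffected.
ProxyRequests Off

# Reverse proxying to one fixed backend still works with the setting
# above, because the destination is chosen by the server, not the client.
ProxyPass        "/app/" "http://backend.internal.example:8080/app/"
ProxyPassReverse "/app/" "http://backend.internal.example:8080/app/"

# --- Closed, variant B: forward proxy for known clients only ----------
# Use instead of variant A when a forward proxy is really needed.
#
#   ProxyRequests On
#   <Proxy "*">
#       # Only the listed network may use the forward proxy.
#       Require ip 192.0.2.0/24
#   </Proxy>
#   # Restrict CONNECT tunnels to HTTPS; never list the SMTP port here.
#   AllowCONNECT 443
```

After a change, `apachectl configtest` checks the syntax, and the access log should be reviewed for CONNECT or absolute-URL requests from outside the allowed network that still receive a 200 status.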
Email DNS Blacklists
BL-Monitor is a free visual tool to analyze DNSBL response times and effectiveness for the DNSBL servers you use.
TrustedSource checks the reputation of an email sender.
Other security links
http://ist.uwaterloo.ca/security/howto/ Mostly applicable to the University of Waterloo environment, but plenty of generic information, too.
http://www.linux-sec.net/Harden/server.gwif.html Looks like a great collection of information.