[*SPAM*] Python open proxy honeypot
Eric S. Johansson
esj at harvee.org
Wed Jun 14 09:52:01 EDT 2006
Alex Reinhart wrote:
> Eric S. Johansson wrote:
>> Alex Reinhart wrote:
>>> Yeah, I just realized that. What would I do to act as an open proxy as
>>> well?
>> emulate the Apache proxy capability, especially the reverse proxy.
>>
>> more seriously, what you need to do is from common proxy and web server
>> ports, accept proxy requests with a destination port number of 25 and
>> pretend to relay them. at least, that was the behavior I saw on a
>> misconfigured Apache web server proxy.
> Is there a library that implements such functionality (that I can
> override) or will I have to implement SOCKS and such myself? I've found
> one SOCKS library and it's rather old and out of date...
I'm not sure. I would seriously look at the Apache code in figure out
what it does differently. The other possibilities look at the pound
code which is probably more comprehensible and a better example of
secure code.
It's not out yet but I believe Cherokee will have a proxy soon. I
advocated filtering out anything with a port 25 destination. After they
heard my experience with Apache, they thought it was a real good idea. :-)
More information about the Python-list
mailing list