Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help with iptables on proxy server
Special Forums Cybersecurity Help with iptables on proxy server Post 302305741 by Neo on Thursday 9th of April 2009 03:49:07 PM
Old 04-09-2009
Quote:
Originally Posted by sdotsen
I may be doing this incorrectly, so if you have any suggestions, I'm open to it. So I installed a reverse proxy server on my LAN. It's not on the DMZ because it's coming from a blade running inside a virtual machine. Anyways, so I installed iptables and locked everything down from the outside coming in. Only port 80 is open from the outside. My question is, what if someone compromised the box in any way, I want to deny them access to our local lan. However, just thinking about this, if someone got in through SSH or something they could just disable iptables, no?

I was thinking of denying traffic from the proxy to our LAN but is that irrelevant? I still need my LAN to talk to the proxy server since our back-end webservers need to communicate w/ this proxy server.
Can you please upload a diagram of your network?

Frankly speaking, I am happy to respond, but lazy to translate your text description into a picture. I need a visual.

Thanks.
 

10 More Discussions You Might Find Interesting

1. IP Networking

routing through a proxy server

I'm new to this forum, so please be gentle ! I need to get my IBM RS running AIX4.3 onto the internet to a particular ftp server, through a NT server running proxy services. This NT server is directly connected to our internet router vis a secondary NIC on the NT server. When I add the route... (2 Replies)
Discussion started by: garry
2 Replies

2. UNIX for Dummies Questions & Answers

unix server behind MS proxy server

I'm trying to get a Unix server on the internet (mostly for DNS requests) but this server is on a network behind a Proxy server. How can I configure my unix server that he will pass the proxy server for internet requests? (2 Replies)
Discussion started by: RSlegers
2 Replies

3. Linux

how to get IP for proxy server

i have installed a proxy server on my linux box . how to get the IP for that proxy . cheers (3 Replies)
Discussion started by: ppass
3 Replies

4. UNIX for Dummies Questions & Answers

Proxy server on Digital UNIX V4.0E ?

Hello everyone, im searching an proxy server for Digital UNIX V4.0E... someone got an idea ? (pre-compiled package would be the best :p) (0 Replies)
Discussion started by: alvoryx
0 Replies

5. Shell Programming and Scripting

Proxy server/client in Perl

I have been toying with a Proxy client/server app that will listen on the CLIENT system on lets say port 7070. User's browser proxy setting is configured for "localhost" port "7070". When this proxy app gets a request for a URL it should FETCH the URL and display it on the browser. I... (1 Reply)
Discussion started by: Dabheeruz
1 Replies

6. Red Hat

How to get server out through work proxy

Hi, I want to be able to get my server to update via yum through our work proxy. I have tried the usual method of exporting the http_proxy=http://username:password@domain.com but this does not work for me. I opce heard about a guy who set up a proxy on his XP laptop (Don't flame me I have... (0 Replies)
Discussion started by: pobman
0 Replies

7. IP Networking

Software/tool to route an IP packet to proxy server and capture the Proxy reply as an

Hi, I am involved in a project on Debian. One of my requirement is to route an IP packet in my application to a proxy server and receive the reply from the proxy server as an IP packet. My application handles data at the IP frame level. My application creates an IP packet(with all the necessary... (0 Replies)
Discussion started by: Rajesh_BK
0 Replies

8. IP Networking

SQUID Proxy server configuration

Can any one direct me to the resources where I can find in-depth instructions on Squid Proxy server and its configuration? Thanks in advance.:) (1 Reply)
Discussion started by: admin_xor
1 Replies

9. Shell Programming and Scripting

proxy server using perl

I want to write a perl script on a server to behave like a proxy server. I want to be able to enter the hostname and port on firefox proxy settings (or IE, chrome, whatever) and then go to a site, and have my webserver forward the request to another server, and forward the response back to the... (2 Replies)
Discussion started by: Arun_Linux
2 Replies

10. UNIX for Dummies Questions & Answers

enable all operations to use a proxy server , redhat server

Hi, i would like to enable all operations/connections to use a proxy server in a redhat server , witch file should i config to get this for all conections .... Thanks (0 Replies)
Discussion started by: prpkrk
0 Replies

LEARN ABOUT SUNOS

ssh-socks5-proxy-connect

ssh-socks5-proxy-connect(1)					   User Commands				       ssh-socks5-proxy-connect(1)

NAME

       ssh-socks5-proxy-connect - Secure Shell proxy for SOCKS5

SYNOPSIS

       /usr/lib/ssh/ssh-socks5-proxy-connect [-h socks5_proxy_host] [-p socks5_proxy_port] connect_host connect_port

DESCRIPTION

       A proxy command for ssh(1) that uses SOCKS5 (RFC 1928). Typical use is where connections external to a network are only allowed via a socks
       gateway server.

       This proxy command does not provide any of the SOCKS5 authentication mechanisms defined in RFC 1928. Only anonymous connections are  possi-
       ble.

OPTIONS

       The following options are supported:

       -h socks5_proxy_host    Specifies the proxy web server through which to connect. Overrides the SOCKS5_SERVER environment variable.

       -p socks5_proxy_port    Specifies  the  port  on  which	the  proxy  web  server  runs. If not specified, port 80 is assumed. Overrides the
			       SOCKS5_PORT environment variable.

OPERANDS

       The following operands are supported:

       socks5_proxy_host       The host name or IP address (IPv4 or IPv6) of the proxy.

       socks5_proxy_port       The numeric port number to connect to on socks5_proxy_host.

       connect_host	       The name of the remote host to which the socks gateway is to connect you.

       connect_port	       The numeric port number of the socks gateway to connect you to on connect_host.

EXAMPLES

       The recommended way to use a proxy connection command is to configure the ProxyCommand in ssh_config(4) (see  Example  1  and  Example  2).
       Example 3 shows how the proxy command can be specified on the command line when running ssh(1).

       Example 1: Setting the proxy from the environment

       The following example uses ssh-socks5-proxy-connect in ssh_config(4) when the proxy is set from the environment:

       Host playtime.foo.com
	   ProxyCommand /usr/lib/ssh/ssh-socks5-proxy-connect 
	       playtime.foo.com 22

       Example 2: Overriding proxy environment variables

       The following example uses ssh-socks5-proxy-connect in ssh_config(4) to override (or if not set) proxy environment variables:

       Host playtime.foo.com
	   ProxyCommand /usr/lib/ssh/ssh-socks5-proxy-connect -h socks-gw 
	       -p 1080 playtime.foo.com 22

       Example 3: Using the command line

       The following example uses ssh-socks5-proxy-connect from the ssh(1) command line:

       example$ ssh -o'ProxyCommand=/usr/lib/ssh/ssh-socks5-proxy-connect 
	   -h socks-gw -p 1080 playtime.foo.com 22' playtime.foo.com

ENVIRONMENT VARIABLES

       SOCKS5_SERVER	       Takes socks5_proxy_host operand to specify the default proxy host.

       SOCKS5_PORT	       Takes socks5_proxy_port	operand to specify the default proxy port.

EXIT STATUS

       The following exit values are returned:

       0	Successful completion.

       1	An error occurred.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Stable			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ssh(1), ssh-http-proxy-connect(1), ssh_config(4), attributes(5)

SunOS 5.10							    30 Oct 2002 				       ssh-socks5-proxy-connect(1)
All times are GMT -4. The time now is 08:19 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy