Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
SOCKS v4 App Filter
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
SOCKS v4 App Filter - 20.Jun.2006 5:55:54 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
How can the inherent SOCKS v4 filter be configured to listen on the external interface, but only accept connections from selected IPs? I added a protocol definition and a deny rule to block connection to TCP1080, but connections are still allowed from everywhere.
BTW - Tom, you and your site have been a great help and a tremendous wealth of information for me.
|
|
|
|
RE: SOCKS v4 App Filter - 21.Jun.2006 8:09:38 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
Some help and advice would be greatly appreciated. Thanks in advance.
|
|
|
|
|
RE: SOCKS v4 App Filter - 22.Jun.2006 9:42:38 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
Some help and advice would be greatly appreciated. Thanks in advance.
|
|
|
|
|
RE: SOCKS v4 App Filter - 23.Jun.2006 10:05:10 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
Somebody please give me some help here! Surely there's a way to configure it with a modicum of security!
Thanks.
|
|
|
|
|
RE: SOCKS v4 App Filter - 25.Jun.2006 6:55:50 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
Thank you for the reply.
I'd like to be able to "bounce" traffic from one office through another.
Example: IM traffic is monitored/blocked from office A,
but configuring the IM client to use the SOCKS proxy at office B will
bypass the block/monitor performed at the gateway for office A.
Clearly, I want control over who can se the SOCKS proxy at office B.
Please let me know if more clarification is needed. To me, it sounds like
that if the packet filters were evaluated BEFORE the applcation filters,
I could specify what computers/networks are allowed to use the proxy,
but as it is, a packet filter that limits what addresses can send SOCKS
traffic to the external address is ignored.
< Message edited by bragazzi -- 25.Jun.2006 7:07:36 PM >
|
|
|
|
|
RE: SOCKS v4 App Filter - 25.Jun.2006 9:13:54 PM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
Stefaan, I'm looking for technical advise not an ethical discussion.
The example I gave was just that.. an example. We are looking to mask the
outbound traffic from one office and provide a means to view locally hosted
websites from as they appear from "outside" with this technique as well.
The ISA installation is replacing an Astaro implementation, which did allow
me to filter access to the SOCKS proxy on the external interface.
|
|
|
|
|
RE: SOCKS v4 App Filter - 25.Jun.2006 11:53:28 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi bragazzi,
did you already consider a site-to-site VPN connection?
HTH,
Stefaan
|
|
|
|
|
RE: SOCKS v4 App Filter - 26.Jun.2006 12:03:53 AM
|
|
|
bragazzi
Posts: 8
Joined: 20.Jun.2006
Status: offline
|
A VPN is certainly a possibility, I was trying to avoid having to do it that way - for simplicity's sake.
Is there a way to secure SOCKS if its listening on the external interface?
Is it possible to simply "publish" a SOCKS server out to specific addresses?
< Message edited by bragazzi -- 26.Jun.2006 12:37:16 AM >
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
