New Proxomitron Download Site

Discussion in 'other security issues & news' started by Zhen-Xjell, May 9, 2002.

Thread Status:
Not open for further replies.
  1. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Yes there was a DDoS against a few sites running the Proxo download.  I asked and received authorization from the Author to add the download to Computer Cops.  So from here on out, you can get Proxo at CCSP.  For more details, click here.
     
  2. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Great news, Zhen!  :D

    regards.

    paul
     
  4. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    I wonder if I can get some help from a certain wascally wabbit?
    I have some people at the Outpost bulletin board that are having problems making Outpost work with Proxo. I hesitate to install proxo on my machine at this time to check it out as I am networked with my wifes computer and she is doing some online college stuff.
    Paul, can you give me an idea of what kind of rules a firewall needs to set up to work securly with Proxo? It seems a couple of people have had problems with ports 80 and 8080 not showing stealth on the scan tests.
    Any ideas at all you can give me will help. I have only messed with Proxo a little a long time ago. I like Outpost because it does enough filtering to suit me.
    regards

    PS You are to be commended for your efforts to help. Not everyone would take the time to do what you are doing.
     
  5. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Root thank you.. your words give me the medicine I need sometimes.

    Ok, let me ask about the scans not showing up stealth.  It sounds almost as if the users have Proxo set to run as a server, which would then cause a port to show something is listening on it.

    Without it being set to "server" within the program, Proxo runs just like any other "client" on your machine, ie: Opera, Internet Explorer, etc.  They "fetch" web pages and render them on your monitor.

    So you should just be able to set Proxo in your firewall to access the HTTP port and still show up stealth.

    Let me know.

    Paul
     
  6. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hi Paul. The last person I had remark about failing scans said it failed of ports 80 and 8080.
    Here's a quote from another thread.

    I've been fooling with Proxomitron for a day or so, and near as I can tell, it makes a firewall, at least OP, useless for outbound protection. Once you've allowed an application 8080 access, that's it - it has full access period. If you happen to know what phone-home URLs to block, fine, but if you don't then you never will, as long as you're using Proxi. I'm not sure what I'm missing, since so many seem to use it, but I can't find a way that isn't stupidly tedious to get the two to work together.

    So, I'm not sure whats going on. UNICRON said he is going to try Outpost with Proxo. That's great, but I'm going on vacation for 10 days tomorrow and won't be around to help. I won't even be close to a puter for over a week. EEEEK!
    I appreciate very much any help in this matter. They are making headway with version 1.1 of Outpost and it is going to appeal to a lot more people, I think.

    With outpost, If you allow access to the net for Proxo, if you just allow outbound to remote ports 80 and 8080 to any remote host. I don't see how the ports are showing open. Loopback also is disabled for those using Proxo. Outpost is very good about stealthing ports as long as something is not holding one open or in a listening state.
    Does Proxo need local port 80 open to inbound traffic?
    I would hope not.
     
  7. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    That's what is perplexing because on my scans I've always showed stealth -- so long as Proxo wasn't told to act as a server.  You tell it to act like a server from within the program itself.  However, I've seen in earlier Proxo versions where I had to disable server access in my firewall.  Perhaps the other user didn't properly configure proxo, OP, or both?

    Also, just to get the official word, you can ask Scott over here.
     
  8. Mike_Healan

    Mike_Healan Registered Member

    Joined:
    Mar 6, 2002
    Posts:
    302
    Location:
    USA
    Hrrrmmmm.......   o_O

    A bit off-topic, but.....

    I have the Proxo forums listed at http://asp.flaaten.dk/pforum/default.asp
    What is the right location?
     
  9. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Mike,

    The author has choosen Zhen's place to host the official forum. That said, Arne's forum isn't a bad one at all  ;)

    regards.

    paul
     
  10. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Just for completeness, http://asp.flaaten.dk/pforum/default.asp.  Yes, they're very good there.
     
  11. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Yes there are multiple places on the net for Proxo support.  The reason why I stepped up and Scott accepted was because Proxo sites recently were DoS'd.  Not to mention Yahoo's privacy policy, etc.

    I have no problem with this and offering up forums and downloads since I've been an ardent Proxo supporter for about a year now.

    See my first review from last year:

    Proxo Review Click Here
     
Loading...
Thread Status:
Not open for further replies.