Security Flaws

Hi there,

I have a question.
Apparently my friend's company has a proxy server setup, thus, people can connect to the Internet using that proxy and for those without, they can only connect to the intranet of the company.

However, recently, they have discovered that there is a high traffic going around.

Thus, my question is, will it be possible that some of the employees who used the proxy server (http server: port 80), to download movie files from the P2P server such as Kazza?

Alianto

Proxy servers can be used for many differnet things,
you need to lock down what can be used in the proxies setup,
and remember, you dont have to use the likes of kazaa / winmx / irc ... to get large files of the net, many 'underground' / 'warez' sites still offer files / programs to there visitors,

Maybee you should think about setting up some sort of filter aswell on the network,
and also take a look at the log's and see what sites are commonly being connected to and then go about adding them to the filter (traffic is logged right?)

you could find that others on the net have scanned an IP subnet and stumbled accross this proxy and have put it up on the net for god knows who and how many to use - have they restricted what IP range can connect and use the proxy?

All the best,
B.P

thanks Battery Power for all your advice.

Yup you are right. I have log file tells us a lot about what and who (the computers/IPs) have been accessing what! And they are generally http base.

Just out of my curiousity,

Can people use http proxy server, port 80 to access p2p server, such as Kazza or AudioGallaxy to download movies and music still?

Cheers,

Alianto

not normally unless the proxy server is set up in an unusual manner,
you would normally need it to be a wingate or socks proxy server to make connections to other ports/services

Unless youve got someone a bit tastey with comps who has found a way to tunnel it : )