
proxies / tunnels

Posted: Mon Dec 01, 2014 8:13 am
by chrismfz
I don't know if that's a new style or fashion,
I saw on a few servers proxy scripts, others hand-written and a few
open source scripts like HTTP Tunnel (on sf.net).

Making the server a proxy basically.

I was thinking if there is a way to block outgoing connections to port 80 but only for httpd,
but then again, it would also block all legitimate scripts that are trying to connect to a service, a licence check, another server for any legal purpose.

Is there a way to block such proxy/tunnel scripts and not legit traffic using mod_security?

Re: proxies / tunnels

Posted: Mon Dec 01, 2014 11:07 am
by scott
We actually do that with a kernel security policy in ASL. You can assign a user id or group the "server" facility, meaning it can only receive connections (there are other facilities like client, or none). That way it's not limited to a single service, or can be otherwise bypassed in userland.