by Laforet
3897 days ago
I've had similar issues with an open source project in which a simple proxy was established with FiddlerCore to tap traffic to a web browser, pretty tame stuff and nothing malicious. Problem is that by default it was configured to listen on 0.0.0.0:80, making it an open HTTP proxy that everybody on the same LAN could connect to. The only real threat so far is that somebody could send in a large volume of traffic to crash the proxy, but wait and behold... some users were running it from hosts that are either a) directly connected to the public IP space without a firewall or b) behind NAT, but with lazy DMZ/port forwarding configuration that exposes their port 80 to the internet anyway. For about a year people have been obliviously hosting open HTTP proxies from home. Eventually somebody found out and it took another couple of months of back and forth issue reporting and PR tugging battles to get it properly patched. Opsec is hard.
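The failure described in the comment is a bind-address one: a local-only proxy listening on the wildcard address instead of loopback. The following is an added defender-side example, not code from the commenter or from FiddlerCore: it audits constructed `ss -tln`-style output for wildcard-bound listeners and shows the loopback-only bind that a local tap proxy should use. The sample listener lines and the function names are assumptions made for this illustration.

```python
import re
import socket

# Constructed sample of `ss -tln`-style output (not real captured data):
# one proxy bound to the wildcard address, one correctly bound to loopback.
SAMPLE_LISTENERS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:80          0.0.0.0:*
LISTEN 0      128    127.0.0.1:8866      0.0.0.0:*
LISTEN 0      128    [::]:443            [::]:*
LISTEN 0      128    [::1]:8080          [::]:*
"""

# Addresses that accept connections from every interface, not just the host.
WILDCARDS = {"0.0.0.0", "::", "*"}

def parse_local_address(field):
    """Split 'addr:port' (IPv6 in brackets) into (addr, port), or None."""
    m = re.match(r"^\[?([^\]]*?)\]?:(\d+|\*)$", field)
    if not m:
        return None
    return m.group(1), m.group(2)

def exposed_listeners(text, ports=None):
    """Return (addr, port) pairs for LISTEN sockets bound to a wildcard address.

    Anything on 0.0.0.0 / :: is reachable from the LAN and, with a DMZ or
    port-forward rule, from the internet. `ports` optionally narrows the check.
    """
    found = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0] != "LISTEN":
            continue
        parsed = parse_local_address(parts[3])
        if parsed is None:
            continue
        addr, port = parsed
        if addr in WILDCARDS and (ports is None or port in ports):
            found.append((addr, port))
    return found

def bind_local_proxy(port=0):
    """Bind a listening socket the safe way: loopback only.
    Returns the bound (addr, port); port 0 lets the OS pick a free port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", port))   # not ("0.0.0.0", port)
    s.listen(1)
    bound = s.getsockname()
    s.close()
    return bound
```

Run the audit on real `ss -tln` output and treat any wildcard-bound entry on a port the proxy owns as a configuration finding to fix, not just to log.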