Is there a way to block known open proxy IP addresses?
I found out that i recieve lots of attacks from such adresses so I guessed it would be fine to block them all. There are public open proxy lists which could be used for filtering data.
samo u vatrozidu dropujes port za proxy na pablic ethu …
“vatrozid” super fora 
e djape da li si upućen u load baletiranje na Motor Traktoru 2.8.26…
can you write in english…
seria lo mismo que yo escriba en español
it is same as I write in Spanish, you can’t understand me??right?
Open proxies use different ports, so there is no rule I can use. The best option is to block on list of IP’s.
I want to pevent incoming connections from other open proxie-s, known spam source IP’s, known spam source IP’s, etc.
That’s almost impossible!!! There are thousands open proxies! People that want a list of open proxies doesn’t need to open web page with proxy list, they are using software called Charon to gather open proxies.
So, relax and forget for that 
Cheers..
P.S. Spok, if you think about load balancing, sure I can help ya with that…
Yea… I tihink about load balancing…output me your mail…
Ok, lets make it a bit simpler: I have an large list of IP’s I want to block any incoming connection from. Also I have this list updated occasionaly. Is it possible to make MT to use his list toblock access?
easy. firewall, block subnet. or address list if you use 2.9
To block most open proxies on your network block all incoming TCP sync packets going to your user IP’s at…
For sure:
1080 SOCKS
3128 SQUID
Risky since some of your users might want to use these ports:
80 AnalogX
8080 Common proxy port but used by routers also.
I would also block
TCP 135-139 NetBIOS
TCP 445 NetBIOS something?
UDP 135-139 NetBIOS
TCP 12345 BackOrifice
You need some firm knowledge of firewalling to do this properly. I have been blocking these for years.
Matthew
pedja, what is list all about? there are many on internet, which one do you use?
hci, thanks for the ideas. I already do some blockings of this kind, and I can handle it.
I visited several sites offerning open proxy lists. I tried them and they work. I realizesd that most of the spam attacks to my server come from IP’s that are usually open proxies. I also noticed that man of the attacks come from sme IP or sam IP group.
My mailserver can recognize malicius connection and can handle it includinng logging such attempts. My idea is to use this logs to make upto date lsit of Ip’s which from server was attacked, and make MT simply drop any connection coming form such IP (or even IP group).
Other way would be to consult some RBL list, like http://www.spamhaus.org/ if IP which from connection is comming from is listed as spam source and if it is, block it out, and put it in some cached list.
This all should work automated, otherwise there is no purpose to try.
This is XP and 2000 NetBios
Anyway, can someone post their settings for blocking these, becouse I’ve been having problems doing it 
