Proxomitron + password

Hi,

I recently found this site, http://www.pcflank.com/art21.htm, talking about little pieces of software that were able to get through a firewall... hum...

I'm using Sygate right now. I once used ZAP, but I wasn't satisfied. After that Kerio, but neither. Now I'm with Sygate and I think it's great. But no ad blocking... so I tried Proxomitron. Which is really nice!!! NO broken pages, and NO ads!!!! Perfect tool :)

But after searching the board for comments on Sygate, I've heard that a program could make a loopback to connect to a local proxy server (like Proxomitron) and communicate with the net...

Is there a way to secure Proxomitron? Like with a password? Or only use it with Opera?


Thanks guys
 
The loopback thing is indeed a known problem with Sygate, and it's not just related to local proxies but any software that uses the loopback function to process traffic. This thread should provide some more info :)

Here's a rule for Proxomitron.

Proxo udp block
App: Proxomitron
Protocol: Udp
Remote: All
Local: All
Direction: Block in\out

Proxo tcp in block
App: Proxomitron
Protocol: Tcp
Remote: All
Local: All
Direction: Block In

Proxo tcp out
App: Proxomitron
Protocol: Tcp
Remote: 80,8080,443
Local: 1024-4999
Direction: Allow out

Might wanna add some remote ports to the last one if you experience amputated surfing.
This rule is for Kerio so you might need some translation; also the 443 (https) is there because I filter https traffic through Proxomitron (just bypassing the relevant addresses). I do this because a "lot" of sites use https connections to bypass ad blockers etc.
You also might wanna change the default port in Proxomitron to something other than 8080, and make specific rules for IE, Opera and\or Mozilla (I only let them access ftp:21 on their own)
:)
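
What the rule set in the post above actually permits can be checked by parsing it and replaying connection attempts against it. This is an added example, not part of the original post and not Kerio's own logic; it assumes rules are evaluated top-down with the first match winning, and any connection passed to `decide` is a constructed test case.

```python
RULES_TEXT = r"""
Proxo udp block
App: Proxomitron
Protocol: Udp
Remote: All
Local: All
Direction: Block in\out

Proxo tcp in block
App: Proxomitron
Protocol:Tcp
Remote: All
Local: All
Direction: Block In

Proxo tcp out
App: Proxomitron
Protocol:Tcp
Remote: 80,8080,443
Local: 1024-4999
Direction: Allow out
"""  # the three rules from the post above, embedded as sample input

def parse_ports(spec):
    """'All' matches any port; otherwise '80,8080,443' / '1024-4999' style lists."""
    if spec.lower() == "all":
        return lambda port: True
    ranges = [tuple(map(int, (p.split("-") * 2)[:2])) for p in spec.split(",")]
    return lambda port: any(lo <= port <= hi for lo, hi in ranges)

def parse_rules(text):
    rules = []
    for block in text.strip().split("\n\n"):
        name, *fields = block.splitlines()
        f = {k.strip().lower(): v.strip() for k, v in (ln.split(":", 1) for ln in fields)}
        action, dirs = f["direction"].lower().split(None, 1)  # e.g. "block", "in\out"
        rules.append({"name": name, "app": f["app"].lower(), "proto": f["protocol"].lower(),
                      "local": parse_ports(f["local"]), "remote": parse_ports(f["remote"]),
                      "action": action, "dirs": set(dirs.replace("\\", "/").split("/"))})
    return rules

def decide(rules, app, proto, direction, local_port, remote_port):
    """First matching rule wins (assumed top-down order); None means no rule matched."""
    for r in rules:
        if ((r["app"], r["proto"]) == (app.lower(), proto.lower()) and direction in r["dirs"]
                and r["local"](local_port) and r["remote"](remote_port)):
            return r["action"], r["name"]
    return None

RULES = parse_rules(RULES_TEXT)
```

A `None` result from `decide(RULES, ...)` means the posted rules say nothing about that connection, so whatever the firewall does with unmatched traffic applies.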
 
Common to most firewalls - and the option to disable "global" loopback is ESSENTIAL if using a local proxy.

It is really VERY SLACK for a firewall to offer global loopback by default, as it's not a huge task to add a loopback rule for any application that needs it.

I have ImageN - http://www.pixoid.com/ - and that serves images to my local browser by loopback - on a nonstandard port, by default - if global loopback is not allowed, I have to set an application rule, but that EXTRA program is the only thing that uses loopback - a standard system does NOT generally need loopback, and any system that does use loopback, generally needs the reason for it to be KNOWN!
 