am I a relay point?

[skiddieleet]

Thank you very much nebulus, I finally got something to work. Here is what I get now in the access log when trying the connect command:

192.168.0.103 - - [11/Dec/2003:14:18:48 -0600] "CONNECT 1.3.3.7:1337 HTTP/1.1" 500 627

Here is what I put in the httpd.conf file:

#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride Limit
<Limit CONNECT>
Require valid-user
</Limit>
Order allow,deny
Allow from all
</Directory>

and that seems to work, and I can still do all the normal stuff, I just can't use the CONNECT command, so I guess that works. Thank you again nebulus. and my .htaccess file looks like this if anyone needs it for a reference:

AuthType Basic
AuthName "Password Required"
AuthUserFile /apache2/passwd/passwords
Require valid-user

The error I get though from the connect command though seems kindof odd:

Trying 24.243.64.239...
Connected to 24.243.64.239.
Escape character is '^]'.
CONNECT 1.3.3.7:1337 HTTP/1.1
Host: 24.243.64.239

HTTP/1.1 500 Internal Server Error
Date: Thu, 11 Dec 2003 20:27:11 GMT
Server: Apache/2.0.47 (Unix) PHP/4.3.3
Content-Length: 627
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
[censored] and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr />
<address>Apache/2.0.47 (Unix) PHP/4.3.3 Server at 1.3.3.7 Port 1337</address>
</body></html>
Connection closed by foreign host.

I have copied that html source and put it up on the server here. It seems really wierd because for some reason the error responds and says that my server address is now the address I was trying to connect to and the port also. I don't get it, but as long as the command doesn't work, I'm happy I guess. Thanks again and it was a good learning experience.

[nebulus200]

Think it might have bugged out since you tried to connect to 1.3.3.7 but gave a host ARG of
Host: 24.243.64.239.

Try it with 1.0 without HOST or try to make them the same and see. I would test it since you left your IP there, but I don't want to draw attention to myself, I suspect that it would fire off one of our IDS systems somewhere...

/nebulus

[skiddieleet]

I get the same error using 1.0 without the HOST. Here is what is in the error_log file:

[Thu Dec 11 14:46:45 2003] [crit] [client 24.243.64.239] configuration error: couldn't perform authentication. AuthType not set!: /

There must be something wrong with my .htaccess file, do you see anything that needs changing?

[nebulus200]

Ok, move the require valid-user to your main declaration:

<Directory />
Options FollowSymLinks
AllowOverride Limit
<Limit CONNECT>
Deny from all
</Limit>
Order allow,deny
Allow from all
Require valid-user
</Directory>

It should work, at least according to the Apache 2.0 Docs.

/nebulus

[skiddieleet]

I tried what you posted and couldn't even get the webpage after that, then I fooled around with it and the only thing that works is what I posted above. Most of the things I tried wouldn't even let me load the page. It keeps giving me that authtype not set error in the error log, but that's ok as long as it only happens when I use the connect command. It is wierd though because I have the authtype set to Basic, maybe it needs to be something else. Oh well, the solution I have now sucks, but unless I can get anything better, that will have to be it. Thanks again nebulus.

[skiddieleet]

That is too wierd, it is like it only has half support for a proxy. I know that I didn't configure it to be a proxy, and supposedly it is not supposed to even support the CONNECT command if it is not used as a proxy. Someone put this in their browser settings for a proxy server: address:24.243.64.239 port:80
When I do that, every address I go to I get my web page which is at the address of the proxy server. So I'm assuming that there is no harm in my server allowing the CONNECT command because it never gets past my address, it's like a proxy that only halfway works. Really wierd. Someone please test it and reply with what they get.

edit
Ok, appently that is the same for all webpages. I now have antionline entered in my proxy settings, so any page I try to visit I get antionline. If I type www.google.com, it will say google in the address bar, but i will be at www.antionline.com. I tried the same backwards, with google. Oh well this is kindof wierd, but that's what is happening to me. So if you want someone to only be able to visit one website, just put that website in as a proxy, and every site they try to go to will be that site. If they aren't very computer literate they will never figure it out. Good trick to play on someone at work or something. Anyways, that's what I got out of an allday episode of working on this. Cheers, and thanks to all who helped me.

[Beryllium9]

The easy way to disable apache proxy functions is to comment out the lines that load mod_proxy, mod_proxy_connect, mod_proxy_ftp, and mod_proxy_http. Here's an extract from my apache.conf file where I disabled proxy functions:-

#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so

[skiddieleet]

Thank you Beryllium9, but I have checked and do not have those things at all in the config file. I think I am just not going to worry about it. I have tried using this command myself, and it didn't seem to do anything, although it executes with no error.