[Twisted-Python] Security issue in SOCKS and Webcoil
Both of these when setup using mktap or coil listen on all interfaces. So running a mktap generated SOCKS on a firewall means anyone can access your internal network, and running coil means anyone can setup a telnet python shell or SOCKS proxy remotely. So, changes we need to make: SOCKS tap should allow configurin interfaces it will run on. COIL should allow configuring which interfaces a server can run on, not jusy which ports.
Itamar Shtull-Trauring wrote:
So, changes we need to make: SOCKS tap should allow configurin interfaces it will run on.
As a result, moshez and I agreed a tap module's getPorts function should return a list of Ports, instead of the current method of returning a list of (portNo, protocolFactory) tuples. That way a tap can also make SSL and UDP ports, set interfaces, and so on.
participants (1)
-
Itamar Shtull-Trauring