[*SPAM*] Python open proxy honeypot

Eric S. Johansson esj at harvee.org
Wed Jun 14 15:52:01 CEST 2006

Alex Reinhart wrote:
> Eric S. Johansson wrote:
>> Alex Reinhart wrote:
>>> Yeah, I just realized that. What would I do to act as an open proxy as
>>> well?
>> emulate the Apache proxy capability, especially the reverse proxy.
>> more seriously, what you need to do is from common proxy and web server
>> ports, accept proxy requests with a destination port number of 25 and
>> pretend to relay them.  at least, that was the behavior I saw on a
>> misconfigured Apache web server proxy.
> Is there a library that implements such functionality (that I can
> override) or will I have to implement SOCKS and such myself? I've found
> one SOCKS library and it's rather old and out of date...

I'm not sure.  I would seriously look at the Apache code in figure out 
what it does differently.  The other possibilities look at the pound 
code which is probably more comprehensible and a better example of 
secure code.

It's not out yet but I believe Cherokee will have a proxy soon.  I 
advocated filtering out anything with a port 25 destination.  After they 
heard my experience with Apache, they thought it was a real good idea.  :-)

More information about the Python-list mailing list