but in fact it is !. can i provide you with some logs to investigate this,
or you can setup a simple scenario on your own an
see it actually happen . no offense, but for the time beeing i have to
switch to stunnel until this is fixed !
greetz martin papadopoulos
email@example.com (Yutaka Sato)
Bitte antworten an
Re: [DeleGate-En:3556] Antwort: Re: [DeleGate-En:3553] delegate security
flaw [Virus checked]
you firstname.lastname@example.org wrote:
|even with stls this is not the case ! the permission is denied after an
|initial relay has been made to an arbitrary server.
|therefore the delegate master process still is vulnerable to ddos ! :-(
If SSL is failed with STLS=fcl, MASTER DeleGate (with SERVER=delegate)
cannot know any of client's request including the desitination server,
so it cannot connect to anywhere. I think so.
9 9 Yutaka Sato <email@example.com> http://delegate.org/y.sato/
( ~ ) National Institute of Advanced Industrial Science and Technology
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller