cannot access the one specific site evenafter disabling the firewall. - Security

This is a discussion on cannot access the one specific site evenafter disabling the firewall. - Security ; Hello everone.. I have a critical problem. I am using squid as proxy in redhat linux 9. one of my users want to access the newswire18.com by logging the username/password. The first page is opening, But when they type their ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: cannot access the one specific site evenafter disabling the firewall.

  1. cannot access the one specific site evenafter disabling the firewall.

    Hello everone..

    I have a critical problem. I am using squid as proxy in redhat linux
    9.
    one of my users want to access the newswire18.com by logging the
    username/password.
    The first page is opening, But when they type their username and
    password it is not authenticating. the page remains as it is.
    No message is coming.

    When he tries to login the connection is not going.


    The firewall must allow users to establish an outbound TCP connection
    to the servers IPs ( 202.87.56.56 ) on port 18247.

    So I disabled the firewall (all accesslists) in my router and I allow
    the ports in squid also.

    In my proxy server no firewalls is there(no iptables).

    But still the problem is continues.

    So I use pktstat utility to check what port it is exactly using ...

    I use the command

    ../tcptrack -i eth0 src or dst 172.16.140.223

    It gives message

    udp 172.16.140.223:nfs<->Proxy:800

    i think this means it is network file system port..But i don t know
    the port. Normally my squid accepts connections from clients through
    port 8080.

    What should i do to access the site ?


  2. Re: cannot access the one specific site evenafter disabling the firewall.

    On 24 May 2007 05:51:22 -0700, pandi wrote:
    >
    > I have a critical problem. I am using squid as proxy in redhat linux
    > 9.
    > one of my users want to access the newswire18.com by logging the
    > username/password.
    > The first page is opening, But when they type their username and
    > password it is not authenticating. the page remains as it is.
    > No message is coming.

    [snip]

    Things you might consider:

    1. The site may require Java, or Javascript, or cookies,
    which the user might have disabled out of security concerns.

    2. Try a different browser.

    3. There's a Firefox extension called "Live HTTP Headers" that
    exposes a lot of the conversation between the browser and the server.

    For serious proxy-related diagnoses, you'll have to wait for someone
    who knows more. Sorry.

    --
    To email me, substitute nowhere->spamcop, invalid->net.

  3. Re: cannot access the one specific site evenafter disabling thefirewall.

    > I have a critical problem. I am using squid as proxy in redhat linux 9.
    > one of my users want to access the newswire18.com by logging the
    > username/password.
    > The first page is opening, But when they type their username and
    > password it is not authenticating. the page remains as it is. No message
    > is coming.
    >
    > When he tries to login the connection is not going.


    I had a recent problem of connecting to tracfone.com. I eventually found
    out that by increasing my internal MTU to +40 of the external(internet)
    size made it magically work. In my case the internet is an MTU of 576
    (dialup), and the internal network had the same MTU. The internal
    network is now at 616 and tracfone.com works. This may or may not be
    your issue. In this case I was able to access the site on the router,
    but not on any machine NAT'd through the router with iptables. This was
    fixed when I increased the MTU size of the internel network.

    You may have other issues. Like the site filtering content based solely
    on whether it thinks you're using IE to view it. There are extensions
    and stuff to rig Firefox or Mozilla to tell the webserver that you are
    using IE to get past this issue. Or it could be wanting to use ActiveX
    stuff, which we just don't have/use under linux. Or some visual basic
    script on the page. Or some other (will only work in windows) issues.

    Granted that many of the above issues are probably more related to the
    site in question being poorly configured. And not so much anything on
    your end. Although modifications to your end may make/force it to cope
    with their issues.

+ Reply to Thread