TCP port scanning with Forefront TMG 2010’s forward web proxy

By /

“An old feature of ISA Server/Forefront TMG 2010, which if memory helps created over the time a few sparks within the community, is the forward web proxy’s ability to “not limit the ports to which the Web proxy may forward requests”. [1][2]

Personally I’m not a fan of such an “ability”.

Recently, during a security audit, I’ve put to “work” this ability to scan/fingerprint TCP ports/services through Forefront TMG 2010 while TMG provided network separation.

Since we can actually issue “HTTP requests” to “web sites” on virtually almost any ports, little stops us to issue requests to other services like SMTP, IMAP, POP3, FTP, RDP, etc.; all we need is to have allowed HTTP to the required destination…”

For more information, check out:

http://carbonwind.net/blog/post/TCP-port-scanning-with-Forefront-TMG-2010’s-forward-web-proxy.aspx

HTH,

Deb

DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)
“MS SECURITY”
[email protected]

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top