heimdal http proxy
Charles Hedrick
hedrick at cs.rutgers.edu
Tue Sep 28 16:31:54 EDT 2021
If all the proxy is doing is forwarding content, it might work. But in that case it’s not obvious how much security we’re gaining by the proxy. It may be that just enabling access directly to port 88 would be as good. (I control the network, mostly.) Any sense how risky it is to expose port 88 to the internet?
> On Sep 12, 2021, at 12:53 PM, Grant Taylor <gtaylor at tnetconsulting.net> wrote:
>
> On 9/12/21 5:49 AM, Jeffrey Altman wrote:
>> The answer is "yes", but someone would need to development the implementation and submit a pull request.
>
> Here's a silly thought.
>
> What about using something like socat to listen on local port 88 and have it use the upstream proxy via CONNECT requests (possibly with authentication) to reach the internal KDC, thus making the socat duck quack as if it's the KDC.
>
> It's a bit of a hack. But would it suffice for limited use?
>
>
>
> --
> Grant. . . .
> unix || die
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list