This FAQ has been created for partners to check the Muse Proxy configuration
* rule is entered, the wildcard character, or *, will allow any IP to access the proxy via the default user. This could cause abuse of the proxy from remote IPs. It is recommended that the IPs, or IP ranges, that will access the proxy via ICE are put in.
2.) In the hosts.xml under the administrator user, there should be no * rule:
* statement is put in under this , it could potentially allow remote users to abuse muse proxy via the administrator user. It is recommended to only allow the IP (or IP ranges) of computers that you expect to use to administrate the proxy.
RULES TO KEEP IN PLACE:
1.) For Muse Proxies above the 18.104.22.168 version, there is the following rule for the default.mnm user:
section for every user, there is a * rule:
* was set to cover all possible ports used by service providers such as 80, 8080, 443, 210,etc.
3.) It is also recommended that if an rule is entered for Muse Global support (secure.museglobal.com or secure.museglobal.ro) that these are not taken out. These are in so that Muse support can properly troubleshoot the proxy.?
($MUSE_HOME/proxy/hosts.xml file)to make sure they are not open proxies, and therefore prone to illegal usage. RULES TO MODIFY: 1.) In the hosts.xml under the default user, there should be no
The default user allows the ICE Servers to access Muse Proxy. If the
Like the default user above, if the
This must be kept in place, so that end users will able to navigate to links rewritten via Muse Navigation Manager. 2.)Under the
This must be kept in place. The REMOTE_PORTS section specifies the outgoing access port rules of the Muse proxy, i.e. to what remote ports the Muse Proxy is allowed to connect to. By default, we block access to the following remote ports: 20,21: File Transfer Protocol (FTP) 22: Secure Shell (SSH) 23: Telnet 25: Simple Mail Transfer Protocol (SMTP) and allow access to the rest of the ports. Meaning that the Muse Proxy can connect to data services on any other ports except the ones listed above. The
20 21 22 23 25 *