trimMail set up a machine with an open Squid proxy, and didn’t tell anyone about it, just to see what would happen. It only took 18 hours before someone found it and tried to use it, likely for nefarious purposes.
Is this a clutch of phishers looking for open proxies to use for a PayPal scam? Pay-per-click scammers looking for anonymous hosts from which to drive up advertisers’ click-through costs while lining their wallets? Or honest business folk just trying to protect the Web? Draw your own conclusions.
We’ve mentioned before that you only have around 20 minutes before your Windows box is probed. The moral of the story is that, no matter what you’re building, the very first thing you should bring up is the firewall.