Being attacked externally with Fiddler open

6 posts, 0 answers
  1. Alex
    3 posts
    Member since:
    Oct 2016

    Posted 03 Oct

    Where I work I need to test payment processes (Elavon, SagePay etc)

    I need to open a port on my router and forward it to my machine so that the redirect URL for the payment will work correctly.

    The port on the router is only open and forwarding when I need to test payment stuff.

    When I have the port open and am using Fiddler to test I notice that I get inbound requests showing from google.pl and a few others which seem to use my computer to perform searches etc.

    How can I get Fiddler to stop allowing these requests? I'm currently having to constantly open and close Fiddler so that it's only running when absolutely needed.

  2. Tsviatko Yovtchev
    Admin
    408 posts

    Posted 07 Oct

    Hello,

    I am not completely sure I understand your scenario. Fiddler won't accept incoming requests unless you set it up as a reverse proxy. Is that what you did?

    Moreover, closing Fiddler doesn't mean you are going to stop getting the incoming requests. It's just that you don't see them any more in Fiddler. So if you make Fiddler stop them then you'll have to keep Fiddler running at all times. Is that what you want to do?

    Regards,
    Tsviatko Yovtchev
    Telerik by Progress
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug is fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items.
  3. Alex
    3 posts
    Member since:
    Oct 2016

    Posted 08 Oct

    At my work I test websites.

    Part of that process involves testing payment processes on mobile devices.

    In order for the payment processes to work properly, I need to receive a response from the various payment gateways.

    I need port 80 forwarded through my router to my work computer, which has Fiddler running with allow remote connections enabled, so that I can use {my computer's IP}:8888 on my phone to access the websites I'm testing locally on various phones/tablets.

    Port 80 is only forwarded when this specific scenario needs to be tested, but when I do have to, after a few minutes of having Fiddler running, I start to receive inbound requests trying to perform Google searches.

    I guess the title of my post was a bit misleading in a way.

    Long story short, is there any way of using Fiddler to block these external requests while allowing the payment responses through?

  4. Tsviatko Yovtchev
    Admin
    408 posts

    Posted 12 Oct

    Hello,

    OK, I see what your setup is now. It's somewhat weird that you get these requests so maybe you should audit all the software running on your machine/mobile devices to see whether something causes this.

    However, Fiddler shouldn't do anything with these incoming requests unless you defined some custom forwarding in Fiddler Script. So what do you mean by blocking them? You just want to filter them out of Fiddler's session list? 

    Regards,
    Tsviatko Yovtchev
    Telerik by Progress
  5. Alex
    3 posts
    Member since:
    Oct 2016

    Posted 17 Oct in reply to Tsviatko Yovtchev

    It's not just my machine it happens with.

    There are 8 other people in the office and if any of them have the port forwarded to their machine they get the requests showing too.

    I've attached screenshots of my Fiddler settings.

    By filtering them out of Fiddler I mean I want Fiddler to not forward the request (or whatever it's doing with them) and to just block it.

  6. Tsviatko Yovtchev
    Admin
    408 posts

    Posted 20 Oct

    You can block the unwanted sessions using Fiddler Script. In the OnBeforeRequest method you can filter sessions by host header, for example, and if it's not one of the payment platforms then you can do:

    oSession.oRequest.FailSession(404, "Blocked", "Fiddler blocked request");

    Regards,
    Tsviatko Yovtchev
    Telerik by Progress
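The host-header allowlist suggested in the last reply, written out as an added example that is not part of the thread or Telerik's code. It is plain ES3-style JavaScript so it runs under Node as-is; the host names are constructed placeholders, and pasting the two helpers into FiddlerScript as `static function` members of the `Handlers` class is an assumption about your CustomRules.js.

```javascript
// Added example, not from the thread. Host names are constructed placeholders.
var ALLOWED_HOSTS = [
    "localhost",
    "dev.shop.example",      // hypothetical site under test
    ".gateway-a.example",    // leading dot: the domain and any subdomain
    ".gateway-b.example"
];

// Reduce a Host header value to a bare lower-case host name.
function normalizeHost(host) {
    if (typeof host !== "string") { return ""; }
    var h = host.replace(/^\s+|\s+$/g, "").toLowerCase();
    if (h.charAt(0) === "[") {                       // IPv6 literal, e.g. [::1]:8888
        var end = h.indexOf("]");
        return end > 0 ? h.substring(1, end) : "";
    }
    var colon = h.lastIndexOf(":");
    if (colon !== -1) { h = h.substring(0, colon); } // drop :port
    if (h.charAt(h.length - 1) === ".") { h = h.substring(0, h.length - 1); }
    return h;
}

// True only when the host matches an allowlist entry; anything else fails closed.
function isAllowedHost(host, allowed) {
    var h = normalizeHost(host);
    if (h === "") { return false; }
    for (var i = 0; i < allowed.length; i++) {
        var entry = allowed[i].toLowerCase();
        if (entry.charAt(0) === ".") {
            // Match on a label boundary so "evilgateway-a.example" does not pass.
            if (h === entry.substring(1) || h.slice(-entry.length) === entry) { return true; }
        } else if (h === entry) {
            return true;
        }
    }
    return false;
}

// Call site inside FiddlerScript's OnBeforeRequest, using the line from the answer:
//   if (!isAllowedHost(oSession.host, ALLOWED_HOSTS)) {
//       oSession.oRequest.FailSession(404, "Blocked", "Fiddler blocked request");
//       return;
//   }
```

Because the check is an allowlist, any host not listed (including a missing or malformed Host header) is rejected, so Fiddler has to stay running for as long as the port is forwarded.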