Debian Package a Day (debaday) wrote,
Debian Package a Day

ntlmaps - NTLM Authorization Proxy Server

'NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server (e.g. ISA server) using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

Main features:
  • supports NTLM authentication via parent proxy server (Error 407 Proxy Authentication Required)

  • supports NTLM authentication at web servers (Error 401 Access Denied/Unauthorized)

  • supports translation of NTLM scheme to standard "Basic" authentication scheme

  • supports the HTTPS 'CONNECT' method for transparent tunnelling through parent proxy server

  • has ability to change arbitrary values in client's request headers;

  • supports unlimited number of client connections

  • supports connections from external hosts

  • supports HTTP 1.1 persistent connections

  • stores user's credentials in config file or requests password from a console during the start time

More from Robert Waldner:
Ever been behind a proxy that only lets you out if you can authenticate via NTLM? Yeah, your browser probably can do that, but what about wget, apt-get, lynx, ftp? Here's ntlmaps for you, just point your $http_proxy to localhost, and it'll transparently handle all the auth stuff for you. And it'll also do that for your other Debian machines on the LAN. (If you're a bastard, you could also tunnel an ssh session through https through ntlmaps, and get transparent ssh-access to your outside machines even if the firewall wouldn't permit that normally. Well, that's what I use it for, usually. If you're a real BOFH, you'll port-forward to your own proxy through that ssh-session, and bypass all the URL-filtering, logging and other restrictions that would be in place behind that firewall. Of course, you could also run something like vtun or OpenVPN through ssh, and get complete IP-connectivity. BTDT.)

More information on this package can be found on the Debian web site.
(If there is a package you would like to see featured here, go to the userinfo page and follow the directions there to submit your entry.)

Now available in RSS and ATOM flavors too.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded