Editing WinGate (section)

==Security==
Versions of WinGate prior to 2.1d (1997) shipped with an insecure default configuration that - if not secured by the network administrator - allowed untrusted third parties to proxy network traffic through the WinGate server. This made open WinGate servers common targets of [[white hat (computer security)|crackers]] looking for anonymous redirectors through which to attack other systems. While WinGate was by no means the only exploited proxy server, its wide popularity amongst users with little experience administering networks made it almost synonymous with open SOCKS proxies in the late 1990s.<ref>{{cite web | url = http://www.lurhq.com/proxies.html | title = Exposing the Underground: Adventures of an Open Proxy Server | access-date = 2007-02-04 | publisher = LURHQ | archive-date = 4 February 2007 | archive-url = https://web.archive.org/web/20070204033000/http://www.lurhq.com/proxies.html | url-status = dead }}</ref>  Furthermore, since a restricted (two users) version of the product was freely available without registration, contacting all WinGate users to notify of security issues was impossible, and therefore even long after the security problems were resolved there were still many insecure installations in use.

Some versions of the [[Sobig]] [[Computer worm|worm]] installed an unlicensed copy of WinGate 5 in a deliberately insecure configuration to be used by spammers.  These installations used non-standard ports for SOCKS and WinGate remote control and so in general did not interfere with other software running on the infected host computer.  This resulted in some [[antivirus software]] incorrectly identifying WinGate as [[malware]] and removing it.