WinGate

WinGate is an integrated multi-protocol proxy server, email server and internet gateway from Qbik New Zealand Limited in Auckland. It was first released in October 1995, and began as a re-write of SocketSet, a product that had been previously released in prototype form by Adrien de Croy.

WinGate proved popular, and by the mid- to late 1990s, WinGate was used in homes and small businesses that needed to share a single Internet connection between multiple networked computers. The introduction of Internet Connection Sharing in Windows 98, combined with increasing availability of cheap NAT-enabled routers, forced WinGate to evolve to provide more than just internet connection sharing features. Today, focus for WinGate is primarily access control, email server, caching, reporting, bandwidth management and content filtering.

WinGate comes in three versions, Standard, Professional and Enterprise. The Enterprise edition also provides an easily configured virtual private network system, which is also available separately as WinGate VPN. Licensing is based on the number of concurrently connected users, and a range of license sizes are available. Multiple licenses can also be aggregated.

The current version of WinGate is version 9.4.5, released in October 2022.

Notoriety
Versions of WinGate prior to 2.1d (1997) shipped with an insecure default configuration that - if not secured by the network administrator - allowed untrusted third parties to proxy network traffic through the WinGate server. This made open WinGate servers common targets of crackers looking for anonymous redirectors through which to attack other systems. While WinGate was by no means the only exploited proxy server, its wide popularity amongst users with little experience administering networks made it almost synonymous with open SOCKS proxies in the late 1990s. Furthermore, since a restricted (two users) version of the product was freely available without registration, contacting all WinGate users to notify of security issues was impossible, and therefore even long after the security problems were resolved there were still many insecure installations in use.

Some versions of the Sobig worm installed an unlicensed copy of WinGate 5 in a deliberately insecure configuration to be used by spammers. These installations used non-standard ports for SOCKS and WinGate remote control and so in general did not interfere with other software running on the infected host computer. This resulted in some antivirus software incorrectly identifying WinGate as malware and removing it.