Penetration Testing mailing list archives

RE: Tool to find hidden web proxy server

From: Jose Maria Lopez <jkerouac () bgsec com>
Date: 08 Sep 2004 19:30:35 +0200

El mié, 08 de 09 de 2004 a las 16:41, okrehel () loews com escribió:

Product as winroute and one spare NIC card on PC will do the trick.
Winroute comes with build in FW as well so maping "the new network" behind
it is limited.


I don't think there's an easy way to find a transparent proxy installed
in the same machine that the firewall and properly firewalled. You won't
see any systems but a firewall or router. The best approach it's trying
to find the proxy by any of the methods people have talk of in this
thread, and if you can't find them then you can be almost sure that
if you find a firewalled port 8080 or 3128 in a machines that seems a
firewall or a router then that it's the proxy.

If the final result of all this work it's to try and pass our traffic
through the proxy machine without passing through the proxy I can tell
this is not possible if the machine it's properly configured.
-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac () bgsec com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

Current thread:

Re: Tool to find hidden web proxy server, (continued)
- - - Re: Tool to find hidden web proxy server Daniel Staal (Sep 08)
- RE: Tool to find hidden web proxy server Kara, Pravesh (Sep 02)
- RE: Tool to find hidden web proxy server Jeff Gercken (Sep 02)
- RE: Tool to find hidden web proxy server Burnett, Robert (Sep 02)
  - RE: Tool to find hidden web proxy server Gary E. Miller (Sep 02)
- RE: Tool to find hidden web proxy server Scovetta, Michael V (Sep 02)
  - RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 03)
- RE: Tool to find hidden web proxy server Singh, Yashpal (Sep 03)
  - RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 07)
    - RE: Tool to find hidden web proxy server okrehel (Sep 08)
    - RE: Tool to find hidden web proxy server Jose Maria Lopez (Sep 08)
- RE: Tool to find hidden web proxy server caleb . dods (Sep 03)
- RE: Tool to find hidden web proxy server caleb . dods (Sep 03)
- RE: Tool to find hidden web proxy server Christopher Adickes (Sep 04)
- RE: Tool to find hidden web proxy server Bénoni MARTIN (Sep 04)
  - Rogue activity methodology (was: Tool to find hidden web proxy server) Chris Brenton (Sep 07)
    - Re: Rogue activity methodology (was: Tool to find hidden web proxy server) Shashank Rai (Sep 08)
    - Re: Rogue activity methodology (was: Tool to find hidden web proxy server) Chris Brenton (Sep 08)
    - Re: Rogue activity methodology (was: Tool to find hidden web proxyserver) Dejan Markovic (Sep 09)
- RE: Tool to find hidden web proxy server Jeff Gercken (Sep 07)
- RE: Tool to find hidden web proxy server Wozny, Scott (US - New York) (Sep 08)