Penetration Testing mailing list archives
Re: Tool to find hidden web proxy server
From: Marc <reply.to.newsgroup () mozilla org>
Date: Thu, 02 Sep 2004 12:44:34 +0200
I would try the following, in order:1. Have a look at who has Internet access and in that list, isolate the people who could have the skills to install a proxy. While not a very hard operation, not every employee can install such a thing.
2. Enable "detailed" logging of your firewall rule that controls Internet access and check your logs for corresponding machines. You could eventually scan only those machines to find the ones you're looking for.
3. Depending on the size of your network, you could perform a full port scan and/or sniff traffic. By sniffing, you could "easily" find the proxies since they would likely be the machines with the most connections and/or traffic. I've done something similar by using Cain (for ARP spoofing) in parallel with Sniphere 2.0 (a small and free sniffer). Sniphere gives you each port and IP address a machine is connected to when you use its "session" option (can't recall the exact name).
Good luck, -- Marc vinay mangal wrote:
Dear all, Thanks for your suggestions. May be I am not able to define my question properly. This problem is strictly with in company internet access firewall and in the LAN only. In a company, policy for Internet access says it is through IP only. The others can not browse the internet. This policy is implemented on firewall. Few smart guys have installed free proxy server running on non default ports and distributed the internet access to their friends. The firewall sees the traffic coming from the authorized IP and does not stop them. We want to know who has installed proxy on there machine. I hope, I am able to clearly define my question. Thanks vinay ----- Original Message ----- From: "wnorth" <wnorth () verizon net> To: "'vinay mangal'" <vinay.mangal () eil co in>; "'Pen'" <pen-test () securityfocus com> Sent: Wednesday, September 01, 2004 11:41 PM Subject: RE: Tool to find hidden web proxy serverI'm not sure of a tool, but simply scanning your network for TCP/8080 or TCP/80 or TCP/8000 may give you the results you are looking for. SimpleNMAPwould work. -Wes -----Original Message----- From: vinay mangal [mailto:vinay.mangal () eil co in] Sent: Wednesday, September 01, 2004 4:27 AM To: Pen Subject: Tool to find hidden web proxy server Dear all, I am looking for a tool to find the hidden web proxy server in my local network. Any hint will be useful. with regards Vinay------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Tool to find hidden web proxy server vinay mangal (Sep 01)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 01)
- Re: Tool to find hidden web proxy server Miles Stevenson (Sep 01)
- Re: Tool to find hidden web proxy server Gary E. Miller (Sep 02)
- Re: Tool to find hidden web proxy server grutz (Sep 02)
- RE: Tool to find hidden web proxy server wnorth (Sep 02)
- Re: Tool to find hidden web proxy server vinay mangal (Sep 01)
- Re: Tool to find hidden web proxy server Javier Fernandez-Sanguino (Sep 02)
- Re: Tool to find hidden web proxy server Marc (Sep 02)
- Re: Tool to find hidden web proxy server Martin Mačok (Sep 02)
- Re: Tool to find hidden web proxy server Christine Kronberg (Sep 02)
- Re: Tool to find hidden web proxy server Paulo Henrique Fisch de Brito (Sep 02)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 02)
- Re: Tool to find hidden web proxy server R. DuFresne (Sep 02)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 02)
- Re: Tool to find hidden web proxy server Gary E. Miller (Sep 03)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 03)
- Re: Tool to find hidden web proxy server vinay mangal (Sep 01)
- Re: Tool to find hidden web proxy server Chris Brenton (Sep 02)
- Re: Tool to find hidden web proxy server Gary E. Miller (Sep 02)