Penetration Testing mailing list archives
Re: Tool to find hidden web proxy server
From: "Gary E. Miller" <gem () rellim com>
Date: Thu, 2 Sep 2004 09:34:25 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo Vinay! No reason the proxy has to be INSIDE your firewall. All a user needs is SSH, OpenVPN, or similar. Then they can set up an encrypted tunnel from the local workstation to an external proxy or tunnel gateway. If the guy setting it up is smart you will have to dig him out the hard way. Set up tcpdump or ethereal on your internet gateway. Do a capture of ALL the traffic, then go throught it all, eliminate the "good" traffic and what is left is the "problem" traffic. If they are good they can tunnel using DNS/udp or even an IP that is not TCP, UDP or ICMP. If they are truly devious they could use Wi-Fi or Cell Phones to just bypass your firewall completely. The best way to catch them is to carry a 2x4 and do some MBWA (Management By Walking Around). Fire the first guy you catch and the problem will greatly diminish. RGDS GARY - --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 gem () rellim com Tel:+1(541)382-8588 Fax: +1(541)382-8676 On Thu, 2 Sep 2004, vinay mangal wrote:
This problem is strictly with in company internet access firewall and in the LAN only. In a company, policy for Internet access says it is through IP only. The others can not browse the internet. This policy is implemented on firewall. Few smart guys have installed free proxy server running on non default ports and distributed the internet access to their friends. The firewall sees the traffic coming from the authorized IP and does not stop them. We want to know who has installed proxy on there machine.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBN0uT8KZibdeR3qURAoWvAJ96HjjPr/52Y/YpAkopxw7sBOP+lQCgqJ8l ZautnaCB4q+WprFinOTY/To= =wHh+ -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Re: Tool to find hidden web proxy server, (continued)
- Re: Tool to find hidden web proxy server Marc (Sep 02)
- Re: Tool to find hidden web proxy server Martin Mačok (Sep 02)
- Re: Tool to find hidden web proxy server Christine Kronberg (Sep 02)
- Re: Tool to find hidden web proxy server Paulo Henrique Fisch de Brito (Sep 02)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 02)
- Re: Tool to find hidden web proxy server R. DuFresne (Sep 02)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 02)
- Re: Tool to find hidden web proxy server Gary E. Miller (Sep 03)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 03)
- Re: Tool to find hidden web proxy server Chris Brenton (Sep 02)
- Re: Tool to find hidden web proxy server Gary E. Miller (Sep 02)
- Re: Tool to find hidden web proxy server hashem (Sep 02)
- Re: Tool to find hidden web proxy server Rogan Dawes (Sep 02)
- Re: Tool to find hidden web proxy server Thor (Sep 03)
- RE: Tool to find hidden web proxy server Aditya Deshmukh (Sep 03)
- Re: Tool to find hidden web proxy server Balaji Prasad (Sep 05)
- Re: Tool to find hidden web proxy server Jose Maria Lopez (Sep 08)
- Re: Tool to find hidden web proxy server Alexandre Verriere (Sep 07)