Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Tool to find hidden web proxy server

From: <hashem () macxperts com>
Date: Thu, 2 Sep 2004 08:35:19 +0100
Perhaps if you are on linux you can use nmap to scan your whole subnet and
output the scan to a text file then you can grep it for the word proxy (
means you gotta be root and do an -sV ) correct me if im wrong.
----- Original Message ----- 
From: "vinay mangal" <vinay.mangal () eil co in>
To: "Pen" <pen-test () securityfocus com>
Sent: Thursday, September 02, 2004 4:36 AM
Subject: Re: Tool to find hidden web proxy server



Dear all,

Thanks for your suggestions. May be I am not able to define my question
properly.

This problem is strictly with in company internet access firewall and in

the

LAN only. In a company, policy for Internet access says it is through IP
only. The others can not browse the internet. This policy is implemented

on

firewall. Few smart guys have installed free proxy server running on non
default ports and distributed the internet access to their friends. The
firewall sees the traffic coming from the authorized IP and does not stop
them. We want to know who has installed proxy on there machine.

I hope, I am able to clearly define my question. Thanks


vinay


----- Original Message -----
From: "wnorth" <wnorth () verizon net>
To: "'vinay mangal'" <vinay.mangal () eil co in>; "'Pen'"
<pen-test () securityfocus com>
Sent: Wednesday, September 01, 2004 11:41 PM
Subject: RE: Tool to find hidden web proxy server



I'm not sure of a tool, but simply scanning your network for TCP/8080 or
TCP/80 or TCP/8000 may give you the results you are looking for. Simple

NMAP

would work.

-Wes

-----Original Message-----
From: vinay mangal [mailto:vinay.mangal () eil co in]
Sent: Wednesday, September 01, 2004 4:27 AM
To: Pen
Subject: Tool to find hidden web proxy server

Dear all,

I am looking for a tool to find the hidden web proxy server in my local
network.

Any hint will be useful.

with regards
Vinay





--------------------------------------------------------------------------

----

Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a

course

taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------------------

-----






------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: