Re: Reverse Proxy Pen Testing

["Andres Riancho" <andresit () fibertel com ar>]

FF 647 ,

    This is kind of hard to do because you dont really know the subnet they
are using on their internal lan ( 10.* , 192.168.* or 172.16.* ) so the
worse part is to "guess" where they have the internal web servers. Some time
ago i asked myself this same question and i got to this answer :

        a ) configure proxychains to use the netcache
        b ) run : proxychains nmap -sT -sV -p80 -P0 192.168.1-15.1-50

    Also , netcache can be configured to retrieve only external web pages if
this is the case , i dont know how to bypass that.
    Hope this helps .

Cheers ,

Andres Riancho

----- Original Message ----- 
From: "FF 647" <ff_647 () yahoo com>
To: <pen-test () securityfocus com>
Sent: Friday, March 25, 2005 9:40 PM
Subject: Reverse Proxy Pen Testing


> Does anyone know of a way to test a netcache to see if
> it will return content from web sites on an internal
> network -- intranet sites that would otherwise not be
> viewable by the public? Any info would be appreciated
> as we are investigating techniques to simulate
> Internet based attack vectors against our reverse proxy.
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com