RE: Tool to find hidden web proxy server

From: Jose Maria Lopez (jkerouac@bgsec.com)
Date: Fri Sep 03 2004 - 18:13:18 EDT


El vie, 03 de 09 de 2004 a las 10:32, Singh, Yashpal escribió:
> 1. I think, you monitor the network traffic and see which authorized machines are generating the most of the traffic. And hen you can conclude who is running the proxy server on their machines.
>

That could be perfectly a router to other network, and maybe you can't
see behind that device.

> 2. Or you can use npulse to check all the machines in ur LAN and see which ports are open on these machines.
>

This approach is defective because if the transparent proxy is
implemented in the router or firewall then you will only see
port 80 open, if the administrator has done his work well then
the port 8080 or 3128 will be closed for the internal network.

> Thanks
> Yash
>
>
>
> -----Original Message-----
> From: hashem@macxperts.com [mailto:hashem@macxperts.com]
> Sent: Thursday, September 02, 2004 1:05 PM
> To: pen-test@securityfocus.com
> Subject: Re: Tool to find hidden web proxy server
>
>
> Perhaps if you are on linux you can use nmap to scan your whole subnet and
> output the scan to a text file then you can grep it for the word proxy (
> means you gotta be root and do an -sV ) correct me if im wrong.
> ----- Original Message -----
> From: "vinay mangal" <vinay.mangal@eil.co.in>
> To: "Pen" <pen-test@securityfocus.com>
> Sent: Thursday, September 02, 2004 4:36 AM
> Subject: Re: Tool to find hidden web proxy server
>
>
> > Dear all,
> >
> > Thanks for your suggestions. May be I am not able to define my question
> > properly.
> >
> > This problem is strictly with in company internet access firewall and in
> the
> > LAN only. In a company, policy for Internet access says it is through IP
> > only. The others can not browse the internet. This policy is implemented
> on
> > firewall. Few smart guys have installed free proxy server running on non
> > default ports and distributed the internet access to their friends. The
> > firewall sees the traffic coming from the authorized IP and does not stop
> > them. We want to know who has installed proxy on there machine.
> >
> > I hope, I am able to clearly define my question. Thanks
> >
> >
> > vinay
> >
> >
> > ----- Original Message -----
> > From: "wnorth" <wnorth@verizon.net>
> > To: "'vinay mangal'" <vinay.mangal@eil.co.in>; "'Pen'"
> > <pen-test@securityfocus.com>
> > Sent: Wednesday, September 01, 2004 11:41 PM
> > Subject: RE: Tool to find hidden web proxy server
> >
> >
> > > I'm not sure of a tool, but simply scanning your network for TCP/8080 or
> > > TCP/80 or TCP/8000 may give you the results you are looking for. Simple
> > NMAP
> > > would work.
> > >
> > > -Wes
> > >
> > > -----Original Message-----
> > > From: vinay mangal [mailto:vinay.mangal@eil.co.in]
> > > Sent: Wednesday, September 01, 2004 4:27 AM
> > > To: Pen
> > > Subject: Tool to find hidden web proxy server
> > >
> > > Dear all,
> > >
> > > I am looking for a tool to find the hidden web proxy server in my local
> > > network.
> > >
> > > Any hint will be useful.
> > >
> > > with regards
> > > Vinay
> > >
> > >
> >
> >
> > --------------------------------------------------------------------------
> ----
> > Ethical Hacking at the InfoSec Institute. All of our class sizes are
> > guaranteed to be 12 students or less to facilitate one-on-one interaction
> > with one of our expert instructors. Check out our Advanced Hacking course,
> > learn to write exploits and attack security infrastructure. Attend a
> course
> > taught by an expert instructor with years of in-the-field pen testing
> > experience in our state of the art hacking lab. Master the skills of an
> > Ethical Hacker to better assess the security of your organization.
> >
> > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> > --------------------------------------------------------------------------
> -----
> >
> >
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are
> guaranteed to be 12 students or less to facilitate one-on-one interaction
> with one of our expert instructors. Check out our Advanced Hacking course,
> learn to write exploits and attack security infrastructure. Attend a course
> taught by an expert instructor with years of in-the-field pen testing
> experience in our state of the art hacking lab. Master the skills of an
> Ethical Hacker to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> -------------------------------------------------------------------------------

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT