Re: Tool to find hidden web proxy server

From: Daniel Staal (DStaal@usa.net)
Date: Wed Sep 08 2004 - 10:31:59 EDT


--As of Tuesday, September 7, 2004 8:47 PM +0200, Jose Maria Lopez is
alleged to have said:

> From what I have understood from the original poster what he wants
> to find it's the transparent proxy that it's redirecting his
> traffic. But if you are finding an application proxy installed
> on one of the desktop computers then it could be possible to do
> it just using nmap to see what ports are open in all the computers
> in the network, or using nessus to find strange programs listening
> on strange ports. Nessus can do a great job in portscanning the
> network, it has the nmap capabilities and some more techniques to
> find open ports.

--As for the rest, it is mine.

Yes, but which is actually easier/better? Depending on the circumstances,
either way could be.

If you step back and take a look at it the problem isn't 'find the proxy
server' it is 'shut down the hole in our network', or possibly 'chastise
the user who is breaking regulations'. I wanted to point out that you
could use the authority of being the sysadmin (which I presume the original
poster is) to solve the latter two problems.

I'm not going to say one way or the other *is* better. They both have
benefits and disadvantages. The exact balance depends on (among other
things): scripting ability, familiarity with network monitoring, corporate
culture, and what else you want/need done. I'm just saying that people
here were looking at this exclusively from the network monitoring/cracking
viewpoint, when there are other resources available to the poster. They
might be worth considering, that's all.

Daniel T. Staal

---------------------------------------------------------------
This email copyright the author. Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes. This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT