Home page logo
/

basics logo Security Basics mailing list archives

Re: Network Misuse
From: "Tima Soni" <tima.soni () gmail com>
Date: Fri, 17 Aug 2007 09:18:50 +0530

To add, you can use the reg query command and query tis registry
seetings remotely on any computer on the network for which you have
rights to access the registry.

regards,
Tima

On 8/17/07, Kurt Buff <kurt.buff () gmail com> wrote:
In the registry, take a look at the setting for this key:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="192.168.10.10:3128"

The IP address:port# combination will tell the tale. We set this
through a logon  script.

On 8/15/07, Mohamad Mneimneh <Mohamad.Mneimneh () dargroup com> wrote:
Hi List,

I am seeing users on my LAN using unauthorized sw such as msn messenger.
By default, this service is blocked for the average user. I am
suspecting that these users have set another proxy in their IE browser
than that of the local site, possibly the proxy of one on the company's
remote sites where no such restrictions exist, or even worse using some
tunneling mechanism.

My question is: Is there any way to obtain the Internet Explorer's proxy
settings remotely so I can confirm this?

Thanks,

-Mohamad.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault