|
Penetration Testing
mailing list archives
Re: check the presence of a reverse proxy
From: rlpentest () cantonu net
Date: Wed, 1 Dec 2004 14:50:59 +0100
From anywhere where you can reach the web servers, I would suggest to try an
HPING on the http port, with -T (TTL increments) option. If a SYN test is not
enough, maybe the Paketto Keiretsu suite can help, as it can insert some kind
of traceroute in an opened session (Linux).
rl
Can i check the presence of a reverse proxy
between me and some webservers?
The pen-test scenario (target network) is:
- 2 level of firewall (pix and iptables)
- one dmz with a squid configured as reverse proxy
(and other things)
- one internal network with 4 webserver with apache
and public ip address (and other things)
So i would to check if my request to one of webserver
is natted (by external firewall) to the proxy and
redirected by the proxy to the webserver. I can work
from Internet, from a subnet connected to external
firewall, from a subnet connected to internal
firewall.
Some suggestions?
Many thanks
m.
___________________________________
Nuovo Yahoo! Messenger: E' molto più divertente: Audibles, Avatar, Webcam,
Giochi, Rubrica
Scaricalo ora!
http://it.messenger.yahoo.it
 By Date 
By Thread
Current thread:
|
Intro
