Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Tool to find hidden web proxy server
From: Daniel Staal <DStaal () usa net>
Date: Wed, 08 Sep 2004 10:31:59 -0400

--As of Tuesday, September 7, 2004 8:47 PM +0200, Jose Maria Lopez is alleged to have said:

From what I have understood from the original poster what he wants
to find it's the transparent proxy that it's redirecting his
traffic. But if you are finding an application proxy installed
on one of the desktop computers then it could be possible to do
it just using nmap to see what ports are open in all the computers
in the network, or using nessus to find strange programs listening
on strange ports. Nessus can do a great job in portscanning the
network, it has the nmap capabilities and some more techniques to
find open ports.

--As for the rest, it is mine.

Yes, but which is actually easier/better? Depending on the circumstances, either way could be.

If you step back and take a look at it the problem isn't 'find the proxy server' it is 'shut down the hole in our network', or possibly 'chastise the user who is breaking regulations'. I wanted to point out that you could use the authority of being the sysadmin (which I presume the original poster is) to solve the latter two problems.

I'm not going to say one way or the other *is* better. They both have benefits and disadvantages. The exact balance depends on (among other things): scripting ability, familiarity with network monitoring, corporate culture, and what else you want/need done. I'm just saying that people here were looking at this exclusively from the network monitoring/cracking viewpoint, when there are other resources available to the poster. They might be worth considering, that's all.

Daniel T. Staal

---------------------------------------------------------------
This email copyright the author.  Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes.  This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault