Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Tool to find hidden web proxy server
From: "Scovetta, Michael V" <Michael.Scovetta () ca com>
Date: Wed, 1 Sep 2004 13:43:18 -0400

Vinay,
  I'm not an expert on this, but here's how I would do try:
#1. How do you know there's a web proxy server in your local network?
        If it is because a resource is restricted by IP and you think
people are getting in when they shouldn't be, then look through the
server logs to see who accessed it, and look for anomolies. If you can
find someone who has used the proxy to go somewhere, then sniff his
traffic to see where he goes, one of the boxes should be the proxy.
#2. Scan the network traffic for strings like "nph".
#3. Scan machines, looking for ones that accept http connections.

Just my $0.02.

M
-----Original Message-----
From: vinay mangal [mailto:vinay.mangal () eil co in] 
Sent: Wednesday, September 01, 2004 7:27 AM
To: Pen
Subject: Tool to find hidden web proxy server

Dear all,

I am looking for a tool to find the hidden web proxy server in my local
network.

Any hint will be useful.

with regards
Vinay


------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one
interaction
with one of our expert instructors. Check out our Advanced Hacking
course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------





------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault