#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2003
    Posts
    41
    Rep Power
    12

    Scan for proxy server


    Hi,

    Does anyone know a good program that we could use to scan for internal open proxy server?

    Are there many different proxy server types?
    Is it differentiated by the port number?

    Can anyone tell me more about how proxy functions....?

    Geek
  2. #2
  3. 11
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jul 2001
    Location
    Lynn, MA
    Posts
    4,635
    Rep Power
    83
    Why? There are VERY few legitimate reasons for you to be probing for open proxy servers, and a slew of illegitimate ones.

    More details about why you want to do this, please.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2003
    Posts
    41
    Rep Power
    12
    Hhaha....dont worry.
    I am doing it with the best interest!

    My friend who is one of the people in the university research department was given a proxy server, thus, he could connect to the wep with free internet access.

    However, there seems to be too much traffic going around.
    Thus, he suspects that some of his friends who know that proxy server are the ones behind. But, he cant tell the admin that he was the one who let them find out, thus, he tells the department that he's the one using all those traffic.

    However, none of his friends said that they used it.
    Thus, here, I am curious, if someone else could have used a program to scan the proxy and use it instead?

    He has tried changing it many times, but still, it didn't help!

    Geek
  6. #4
  7. 11
    Devshed Demi-God (4500 - 4999 posts)

    Join Date
    Jul 2001
    Location
    Lynn, MA
    Posts
    4,635
    Rep Power
    83
    Oh, I get it. You're on the other end of the stick- Yes there are brute-force proxy scanners that go IP by IP, and port-by-port looking for open proxies, and given that your friends proxy is on a university network,(a well defined netblock with fat bandwidth) I'd say it's very likely that it's been discovered, with the likelihood increasing over time.

    Scanning for open proxies is a very common activity, as they are desirable for script-kiddies and spammers: they allow you to launch attacks/probe other hosts with varying amounts of anonymity. University bandwidth is highly sought after as well, because .edus usually have large pipes.

    Can you look at the log files for the proxy server?

    Depending on what proxy software you're using, you should be able to write rules allowing traffic from only certain IPs or other criteria- the proxy server built into apache allows you to do this.

    Shut it down or close it up.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2003
    Posts
    41
    Rep Power
    12
    Thanks Hero Zzyzzx for your crucial info.

    Very appriciated!

    Geek

IMN logo majestic logo threadwatch logo seochat tools logo