A couple of ideas about proxy detection...
1. Some people wanted Nessus to detect Wingate or MS proxies.
If some documentation is available, that would be great. The only
source of information on this topic is, AFAIK, the Dante source
code. This open source project tries to be compatible with M$
2. Should we do more on SOCKS?
The SOCKS proxy detection in find_service now tries to identify the
"external" interface of the proxy (I also fixed a bug).
I wonder if we should try to connect to some private network and raise
an alert if we can: we may have an "open" proxy in this case.
I suspect that HTTP proxies are far more common and we should rather
spend time on them. However, the tests look all right. Currently, Nessus
checks:
- if anyone can use the proxy
- if the proxy accepts CONNECT to any port
- if the proxy accepts connections through POST
--
mailto:arboi@bigfoot.com
GPG Public keys: http://michel.arboi.free.fr/pubkey.txt
http://michel.arboi.free.fr/ http://arboi.da.ru/
FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/
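
Added example, not part of the original message and not the Nessus find_service code: one way a scanner could read a SOCKS proxy's "external" interface, assuming it is taken from the BND.ADDR field of a SOCKS5 reply (RFC 1928). The function names, labels and sample replies are constructed for illustration.

```python
import ipaddress
import struct

ADDR_LEN = {1: 4, 4: 16}  # ATYP -> fixed address length (IPv4, IPv6)

def parse_socks5_reply(data: bytes):
    """Return (rep, bound_address, bound_port) from a SOCKS5 reply (RFC 1928)."""
    if len(data) < 4:
        raise ValueError("truncated reply header")
    ver, rep, _rsv, atyp = data[:4]
    if ver != 5:
        raise ValueError("not a SOCKS5 reply")
    body = data[4:]
    if atyp == 3:  # domain name: one length byte, then the name
        if not body:
            raise ValueError("truncated domain length")
        need, body = body[0], body[1:]
    elif atyp in ADDR_LEN:
        need = ADDR_LEN[atyp]
    else:
        raise ValueError("unknown address type")
    if len(body) < need + 2:
        raise ValueError("truncated address or port")
    raw = body[:need]
    (port,) = struct.unpack("!H", body[need:need + 2])
    addr = raw.decode("ascii", "replace") if atyp == 3 else ipaddress.ip_address(raw)
    return rep, addr, port

def classify_bound_address(reply: bytes, probed_ip: str) -> str:
    """Compare the proxy's bound address with the address the scanner probed."""
    rep, addr, _port = parse_socks5_reply(reply)
    if rep != 0:
        return "refused"          # proxy did not grant the request
    if isinstance(addr, str):
        return "hostname"         # bound address given as a name, not an IP
    if addr.is_unspecified:
        return "unspecified"      # server zeroed the field, nothing learned
    if addr == ipaddress.ip_address(probed_ip):
        return "same-interface"
    return "other-interface"      # multi-homed: a second interface is exposed

# Constructed sample replies (documentation address 203.0.113.7, port 1080).
SAMPLE_MULTIHOMED = bytes([5, 0, 0, 1, 203, 0, 113, 7, 0x04, 0x38])
SAMPLE_ZEROED = bytes([5, 0, 0, 1, 0, 0, 0, 0, 0, 0])
SAMPLE_REFUSED = bytes([5, 2, 0, 1, 0, 0, 0, 0, 0, 0])
```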