A couple of ideas about proxy detection... 1. Some people wanted Nessus to detect Wingate or MS proxies. If some documentation is available, that would be great. The only source of information on this topic is, AFAIK, the Dante source code. This open source project tries to be compatible with M$ 2. Should we do more on SOCKS? The SOCKS proxy detection in find_service now tries to identify the "external" interface of the proxy (I also fixed a bug) I wonder if we should try to connect to some private network and raise an alert if we can: we may have an "open" proxy in this case. I suspect that HTTP proxies are far more common and we should rather spend time on them. However, the tests look all right. Currently, Nessus checks: - if anyone can use the proxy - if the proxy accepts CONNECT to any port - if the proxy accepts connections through POST -- mailto:arboiat_private GPG Public keys: http://michel.arboi.free.fr/pubkey.txt http://michel.arboi.free.fr/ http://arboi.da.ru/ FAQNOPI de fr.comp.securite : http://faqnopi.da.ru/
This archive was generated by hypermail 2b30 : Sat Jan 05 2002 - 14:18:40 PST