H D Moore <hdmat_private> writes: > There are some slight differences between Dante and MS Proxy when it > comes to the SOCKS 5 support. You mean that Dante does not support the MS winsock proxy? > The Netscape browser seems to be able to work with either Once I looked at Netscape, at it was using SOCKS4. Did this change, or can it adapt? > Trying to connect to an internal network is going to be tricky, no matter > which set of address you use to test, theres a good chance youre still going > to miss about half of the networks being used. I thought of something like trying to connect to a couple of RFC 1918 addresses. I agree that this will not cover all private networks, but it will be better than nothing... A "good" proxy should return "permission denied" for any RFC1918 address. > This would also falesly trigger when the scan is being run on the internal > network. Yes. However, the proxy should not be used to connect an internal machine to an internal server. I agree that a "clean" test is tricky in NASL. It should take three IP address into account: the nessusd machine, the target machine, and the external interface (if we could find it) > The current HTTP proxy checks look good, might want to add Apache > reverse-proxy detection too Looks nice, for information gathering.
This archive was generated by hypermail 2b30 : Sat Jan 05 2002 - 16:25:23 PST