March 21st, 2003, 09:45 AM
how can i find out
my friend and i are network administrators and want to find whether it is possible to find out
whether some systems are running illegal proxies and giving access to other systems.These other systems that are not allowed to access the net are illlegally are accessing it. is it possible to find this out .Is the "no. of requests comin from on system being high" the only way to find out that that system might be running a proxy.
March 21st, 2003, 10:40 AM
Scanning for a proxy is probably the best thing. Where I am, my ISP scans regularly for the running of unnecessary services by members like SMTP, FTP, HTTP and NNTP. So I'd suggest doing that.
March 21st, 2003, 11:32 AM
Hey MsM, are those the services a proxy server would be running? I don't know, but I'd be interested in knowing the signature of a proxy (if there is one).
Looking through the Iana Port #s (http://www.iana.org/assignments/port-numbers), I see a lot of hits on the word proxy. Am I correct in assuming that the proxt service can be set up on any port (just like any other service), so long as the end-user knows what port to connect to? Is there a Windows or Linux standard proxy port?
March 21st, 2003, 12:39 PM
This may be a completely stupid answer, but don't most proxies use port 8080?
Every now and then, one of you won't annoy me.
March 21st, 2003, 12:43 PM
Proxies can use any port they are set to (then again so can HTTP) but scanners like NMAP or banner-grabbing scanners can find the proxies. Not that hard. It's common to see Proxies at 8080 or 8000 but nothing says they have to be there.
Only a really determined user will go about changing the banner. The bulk of your offenders don't get too fancy. And if you have some that are questionable it's not that hard to separate them out from the easy ones: Just connect to the ports they have open that don't meet standard ports (e.g., 6000-6069: XWindows; 111: RPC; 21: FTP; NNTP: 119; POP3: 110; NetBOIS for NT/95/98; 135-139; 2000AD DS: 445; etc.) and see what response you get.
March 21st, 2003, 12:58 PM
March 21st, 2003, 01:45 PM
its not necessary that the proxy has to be in a specific port . i had a code in java which acted as a proxy , we can specify the port no. on which it should wait. and if clients contact it on that port it would give the required connection. so what do u have to say for that
when was the last time you did something for the first time! Do something!!