Verify the Proxy Chains???

  1. #1
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901

    Question Verify the Proxy Chains???

    Hello everybody.


    I recently got my proxy chaining apps running, and stuffed it with a few valid proxies. I tried it on several applications, like ftp, web, ssh, irc, nmap etc and it works fine. The target shows the last proxy server in the list of chains. My question is:

    How do I know that it's actually going through all the proxies in the list? It says it's chaining through them all, but how can I be certain of that?

    Better said, how can I trace it back each proxy at a time? Or would I have to view the logfiles of each proxy server it goes through (time stamps)?


    Any solution would be much appreciated.

    Cheers everyone.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Pop a packet sniffer on your box and look at the traffic going outbound from your comp. If it is the first proxy in the chain then you can be pretty sure that the packets are making the rounds of all the proxies in your list because you have already determined that the last one is making the final connection.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides
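
Added example (not part of any post in this thread): the sniffer check described in reply #2, run over constructed `tcpdump -n` style lines. The addresses, the sample capture and the function names are assumptions made for illustration. It confirms only the first hop, and it also lists traffic, such as a direct DNS lookup, that bypasses the chain.

```python
import re
from collections import Counter

# Constructed sample in `tcpdump -n` text format, as seen on the client.
# All addresses are from documentation ranges; none is a real host.
SAMPLE_CAPTURE = """\
12:00:01.000101 IP 192.0.2.10.51514 > 198.51.100.7.8080: Flags [S], seq 1, win 64240, length 0
12:00:01.040220 IP 198.51.100.7.8080 > 192.0.2.10.51514: Flags [S.], seq 9, ack 2, win 65535, length 0
12:00:01.040300 IP 192.0.2.10.51514 > 198.51.100.7.8080: Flags [P.], seq 2:41, ack 10, win 64240, length 39
12:00:01.500000 IP 192.0.2.10.40000 > 192.0.2.53.53: 4660+ A? target.example. (32)
12:00:02.000000 IP 192.0.2.10.51515 > 198.51.100.7.8080: Flags [S], seq 5, win 64240, length 0
"""

# Matches "IP src.sport > dst.dport:" on IPv4 TCP and UDP lines.
FLOW_RE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")


def outbound_destinations(capture, local_ip):
    """Count packets per (dst_ip, dst_port) that local_ip sent."""
    seen = Counter()
    for line in capture.splitlines():
        m = FLOW_RE.search(line)
        if m and m.group(1) == local_ip:
            seen[(m.group(3), int(m.group(4)))] += 1
    return seen


def check_first_hop(capture, local_ip, first_proxy, target_ip):
    """Compare outbound traffic with the first proxy in the chain.

    first_proxy is an (ip, port) tuple. The result reports how many packets
    went to it, every other destination (traffic outside the chain), and
    whether the client ever contacted target_ip directly.
    """
    dests = outbound_destinations(capture, local_ip)
    leaks = sorted(d for d in dests if d != first_proxy)
    return {
        "via_first_hop": dests.get(first_proxy, 0),
        "leaks": leaks,
        "direct_to_target": any(ip == target_ip for ip, _ in dests),
        "ok": dests.get(first_proxy, 0) > 0 and not leaks,
    }


if __name__ == "__main__":
    print(check_first_hop(SAMPLE_CAPTURE, "192.0.2.10",
                          ("198.51.100.7", 8080), "203.0.113.80"))
```
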

  3. #3
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    /me slaps myself for not thinking bout it.

    I used ethereal to monitor the traffic, and indeed I can see the first proxy, which differs from the last one. So it works, and all is well.

    Thank you a lot Tiger shark.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    NP Insi..... Sometimes the answer is sat right on the end of our noses, it just takes someone else to point it out..... Kinda like boogers.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #5
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    What chaining software do you use, if one may so boldly ask?
    /\\

  6. #6
    Senior Member br_fusion's Avatar
    Join Date
    Apr 2002
    Posts
    167
    ditto
    The command completed successfully.


    "They drew first blood not me."

  7. #7
    The Recidivist
    Join Date
    Nov 2002
    Posts
    460
    I personally use proxychains for mine. I use yaph with the --use_nmap switch to find em. Works great for me.


    hjack
    "Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
    - Friedrich Nietzsche

  8. #8
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Thanx hjack, I came across both those two pieces of 'equipment' after the post, haven't checked them yet cuz of stressful philosophy paper due tomorrow :\
    /\\

  9. #9
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Yup, just like hjack pointed out, that's the 2 I use. I recommend reading the following too, before attempting to use this sort of software, since it does bring in a LARGE security issue.

    http://www.faqs.org/rfcs/rfc2607.html

    It's important that you understand what it is exactly, and how it works. Not just download and use it.
    And never never use it if you're gonna type anything sensitive, such as passwords, personal info etc.....

    This so called proxy chaining also makes you vulnerable to a "man-in-the-middle" attack, where someone captures your packets (encrypted or not) and can resend them to gain access, as well as remote session hijacking. Also make sure if you use it that you have the correct proxies for the wanted use, such as "GET" for web, and "CONNECT" for other tcp connection type applications.

    Cheers.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"
