[WEB SECURITY] Detection of TOR/Proxies in Web Applications

Mike Adewole mike at voicenette.ca
Fri May 28 21:50:33 EDT 2010


----- Original Message ----- 
From: "Chris Schmidt" <cschmidt at servicemagic.com>
To: <websecurity at webappsec.org>
Sent: Friday, May 28, 2010 2:57 PM
Subject: [WEB SECURITY] Detection of TOR/Proxies in Web Applications


> Is there anyone who has done any type of Anonymous Proxy Detection (TOR or 
> Open Proxy) inside of a web application? I am currently researching 
> methods of detecting this type of traffic so that the application can 
> perform differently or take specific action in those cases.
>
One method: issue a cookie to one IP address, and if the cookie comes back 
from another IP address, both addresses probably belong to a reverse proxy.

--
Mike Adewole
www.botslist.ca


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list