[WEB SECURITY] Detection of TOR/Proxies in Web Applications

Mike Adewole mike at voicenette.ca
Fri May 28 21:50:33 EDT 2010

----- Original Message ----- 
From: "Chris Schmidt" <cschmidt at servicemagic.com>
To: <websecurity at webappsec.org>
Sent: Friday, May 28, 2010 2:57 PM
Subject: [WEB SECURITY] Detection of TOR/Proxies in Web Applications

> Is there anyone who has done any type of Anonymous Proxy Detection (TOR or 
> Open Proxy) inside of a web application? I am currently researching 
> methods of detecting this type of traffic so that the application can 
> perform differently or take specific action in those cases.
One method: issue a cookie to one IP address, and if the cookie comes back 
from another IP address, both addresses probably belong to a reverse proxy.

Mike Adewole

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list