[WEB SECURITY] automatically detecting transparent web proxies

travis+ml-webappsec at subspacefield.org travis+ml-webappsec at subspacefield.org
Fri Feb 11 12:35:41 EST 2011


On Tue, Feb 08, 2011 at 01:26:13PM -0500, robert at webappsec.org wrote:
> > My usual is:
> > 
> > telnet 1.2.3.4 80
> > 
> > If you get a connection, you've got a transparent proxy (or some
> > inconsiderate bugger has finally put a web server on 1.2.3.4)
> 
> Some ISPS respond with placeholder pages for non existent domains, and they accomplish this
> by responding to DNS requests to point to their web server IP. In this use case simply telnetting
> will not prove reliable. Network solutions did this years ago and stopped, however there are likely some
> isps doing the same thing somewhere. 

Very true if 1.2.3.4 were a domain name ;-)

I personally tend to run my own DNS infrastructure and stopped relying
on whatever is provided when providers started lying like this.

Cheers,
Travis
-- 
Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/
My emails do not usually have attachments; it's a digital signature
that your mail program doesn't understand.
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110211/7d85c9a6/attachment.sig>


More information about the websecurity mailing list