For When You Can't Have The Real Thing
[ start | index | login ]
start > CentOS > 8 > Find Transparent Proxy Systems

Find Transparent Proxy Systems

Created by dave. Last edited by dave, 125 days ago. Viewed 106 times. #1
[edit] [rdf]
labels
attachments
(2021-02-17)

Problem

A system between me and my destination is doing proxying for the destination IP.

In practice: A firewall was showing all IPs it could route to as having SIP and Cisco-CSSP services enabled. Configuration changes to the firewall were necessary to close things. However, we needed to prove the proxying before we could disable it.

Solution

# nmap --traceroute -Pn -p 2000 example.com
TRACEROUTE (using port 2000/tcp)
1   2.04 ms  gateway (192.168.1.1)
2   14.37 ms 10.100.96.1
3   15.60 ms example.com (192.0.2.5)

# nmap --traceroute -Pn -p 22 example.com TRACEROUTE (using port 22/tcp) 1 2.04 ms gateway (192.168.1.1) 2 14.37 ms 10.100.96.1 3 15.60 ms 182.23.16.88 4 10.11 ms 182.23.16.82 5 44.73 ms example.com (192.0.2.5)

In the example above, the system 182.23.16.88 is providing proxied services for 192.0.2.5 on port 2000, and passing ssh further along the routing path to where 192.0.2.5 actually is.

(>>Source)

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt