Plugin ID | 33 |
Plugin name | Proxy port tcp/8080 detection |
Plugin filename | Proxy port tcp-8080 detection.plugin |
Plugin filesize | 2611 bytes |
Plugin family | Firewalls |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2003/11/14 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/13 |
Plugin version | 1.3 |
Plugin changelog | Corrected the plugin structure and added the accuracy values in 1.3 |
Plugin protocol | tcp |
Plugin port | 8080 |
Plugin procedure detection | open|send GET http://www.computec.ch HTTP/1.0\nProxy-Connection: Keep-Alive\n\n|sleep|close|pattern_exists HTTP/1. |
Plugin detection accuracy | 90 |
Plugin comment | This plugin was written with the ATK Attack Editor. |
Bug affected | Proxy servers listening on tcp/8080 |
Bug not affected | Proxy servers bind to another port |
Bug vulnerability class | Configuration |
Bug description | Port tcp/8080 is a often used port for proxy servers. If an attacker can connect to the port, start an HTTP request and get an HTTP reply, he can be very sure that there is a web proxy available. |
Bug solution | Reconfigure the remote proxy so that it only accepts requests coming from inside your network. |
Bug fixing time | 20 minutes |
Bug exploit availability | Yes |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Medium |
Bug popularity | 8 |
Bug simplicity | 7 |
Bug impact | 6 |
Bug risk | 6 |
Bug Nessus risk | Low/Medium |
Bug check tools | Nessus is able to do the same check. |
Source Nessus ID | 10195 |
Source Literature | Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 |
Source Misc. | http://www.computec.ch |