[Gllug] how to check for a transparent proxy

rich at annexia.org rich at annexia.org
Sun Dec 1 13:33:39 UTC 2002


On Sun, Dec 01, 2002 at 03:52:07AM +0000, Pete Ryland wrote:
> On Sun, Dec 01, 2002 at 03:42:12AM +0000, Xander D Harkness wrote:
> > Does anyone know how to test for a transparent proxy?
> 
> Go to http://pdr.me.uk/t.php and find the bit that says "REMOTE_ADDR" and if
> that is your IP then there is no proxying, otherwise the external IP of your
> proxy will be there.

A decent transparent proxy will rewrite source addresses, so
this will NOT tell you if there's a transparent proxy in the
way.

I'm not actually sure if there is a way to really tell if there's
a transparent proxy between you and another machine (they are,
after all, supposed to be 'transparent' :-) However if you have
access to another machine on the net which has a known clean
IP connection, then you can look for telltale evidence such as
headers added by the proxy to connections.

On the remote (known clean) machine, as root do:

	nc -l -p 80

>From the local side, do:

	nc remote 80

Now type:

	GET / HTTP/1.0

The same should appear almost immediately on the remote side.

Now type:

	Host: foo

followed by the return key TWICE.

On the remote machine you should just see 'Host: foo'. If there
are any other headers added, then you've got a proxy in the middle.

This isn't a foolproof test, but should catch most things.

Rich.

-- 
Richard Jones, Red Hat Inc. (London, UK) http://www.redhat.com/software/ccm
http://www.annexia.org/ Freshmeat projects: http://freshmeat.net/users/rwmj

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list