24 Apr
2003
24 Apr
'03
8:56 p.m.
--On Thursday, April 24, 2003 8:45 PM +0000 Paul Vixie <vixie@vix.com> wrote:
I use proxycheck to manually check hosts for open proxies (http://www.corpit.ru/mjt/proxycheck.html)... you could script this (or a similar tool) and run scans of your entire network.
That's what I would suggest. You could also reactively test your customers when they make a connection to your webserver or mailserver.
that won't catch the case where a proxy is open and is being abused but the resulting traffic is directed outside of the local isp, which is going to be the common case since parasites don't like to endanger their hosts.
True, but most people who end up with an open proxy trojan will also be using the machine to read their ISP provided email, etc