Wikipedia:Open proxies noticeboard/Guide to checking open proxies: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 22:51, 13 December 2018 edit Zzuuzz (talk \| contribs) Edit filter managers, Autopatrolled, Checkusers, Administrators 138,858 edits ce ← Previous edit		Latest revision as of 04:40, 18 March 2025 edit undo Elli (talk \| contribs) Edit filter managers, Autopatrolled, Checkusers, Oversighters, Administrators 58,422 edits m Elli moved page Wikipedia:WikiProject Open proxies/Guide to checking open proxies to Wikipedia:Open proxies noticeboard/Guide to checking open proxies: per parent move
(7 intermediate revisions by 6 users not shown)
Line 6: # Identify the access point. You are hopefully going to use it yourself. Google the IP address. Do [[rDNS]] and [[WHOIS]] lookups. Be creative if you have to, like looking at neighbouring IP addresses ([[toollabs:ipcheck/iprange.php\|Tool]]). While you're there check if it looks dynamic. The first question to ask is whether it's a web proxy or an HTTP proxy. ## Does it look like a web server? Keywords to look for in search results are PHP-proxy, CGI-proxy, Glype, and NPH, as well as ___domain names. Do the rDNS and WHOIS suggest it's a dedicated server or hosting range? Open the IP address in your browser. Is there a holding page, or even a web proxy there? Find which sites are hosted on it using rDNS and Google. Nmap will almost always say that port 80 is open on webservers, but this does not necessarily mean there is an open proxy there. ## Or does it look like an [[SOCKS#Comparison_to_HTTP_proxying\|HTTP/SOCKS proxy]]? Such proxy IPs are always associated with a [[TCP and UDP port\|port number]]. The most usual ones are 80, 1080, 3128, 8000, 8080, 8888, but it could be any number up to 65535. These ports are usually displayed in search results following the IP address and a colon, for example 111.282.3.1:3128. They are, in so far as they obfuscate e.g. the user's original IP address and other data, sometimes [[Proxy_server#Anonymous_HTTPS_proxy\|referred to]] as "Transparent" or "Elite". Use the IP address with colon and port number in your browser's address bar. If the port is open there will usually be some response, but probably nothing very interesting. If a normal Nmap-portscan is used the ports will be said to be open, but this does not necessarily mean there is an open proxy. Nmap can, however, check via its scripts [https://nmap.org/nsedoc/scripts/http-open-proxy.html http-open-proxy] and [https://nmap.org/nsedoc/scripts/socks-open-proxy.html socks-open-proxy] ~~if they actually operate~~. ###An example would be: <code>nmap -P0 --script=socks-open-proxy --script=http-open-proxy.nse -p<ports to check> <host></code> ## Or is it another type of anonymiser? They are beyond this article's scope, but the same principles apply. For examples see [[:Category:Anonymity networks]]. Line 30: ==See also== [[Wikipedia:New admin school/Blocking]] [[Wikipedia:WikiProject ~~on open~~Open proxies]] [[Wikipedia:Blocking IP addresses]] [[Wikipedia:Open proxies]] Line 40: [[Category:Administrator instructions\|Open proxies]] [[Category:WikiProject Open proxies\|Guide to checking open proxies]]