xenial (1) proxycheck.1.gz

Provided by: proxycheck_0.49a-4_amd64 bug

NAME

       proxycheck — open proxy server checker

SYNOPSYS

       proxycheck options host[:proto_port_spec]...

DESCRIPTION

       proxycheck  is a simple open proxy checking tool which is capable to quickly discovery open proxy servers
       on many hosts.  It's primary goal is to detect an open proxy server in order to  prevent  it's  abuse  by
       various  "bad guys", mostly spammers.  Having a wide-open proxy service running on a publicaly accessible
       network is a very bad idea nowadays, and proxycheck may be used to find such system in order to  be  able
       to either secure a system, or to refuse servicing it until it will be secured properly.

       In  order to determine if a given host is running an open proxy service, proxycheck tries to connect to a
       given destination system via a host and perform some actions, trying to talk with the destination system.
       If a talk is successeful, proxycheck assumes the proxy service is running and wide-open.

       proxycheck  supports all commonly used proxy protocols, namely, HTTP CONNECT method, SOCKS versions 4 and
       5, and Wingate "telnet"‐style proxies.  In future, support for more protocols may be added.

       Please note that with current number of various trojan horses cicrulating around, each opening a proxy on
       a  random  port,  it is not really enouth to probe for standard (in whatever reason) ports built into the
       proxycheck.  Instead, it is highly recommended to use a list of  currently  active  ports  maintained  by
       several people on the 'net.

OPTIONS

       The following command-line options are recognized:

       -h     print a short help and exit.

       -v     increase the verbosity level.  All debugging messages will go to standard error stream.

       -d deshost:destport (required)
              try  to  establish  a  proxied  connection  to  the  given  dsthost, port dstport.  This option is
              required.

       -c check[:params] (required)
              the "method" proxycheck will use when talking to a destination system to determine if a  proxy  is
              open  or  not.   Interpretation  of  params is check-dependant.  This option is required.  Several
              methods are available:

              chat:sendstr:expectstr
                     Try to perform simple "chat" with the destination system: send the string given as  sendstr
                     and  wait  for  expectstr  on  output.  If sendstr is empty, proxycheck will send the proxy
                     parameters in the form
                        protocol:ip-address:portnumber
                     to the remote system.  Proxy assumed to be open if expectstr is found.

              dsbl   (no parameters accepted)
                     try to submit all found proxies to the DSBL.org-like system, see http://dsbl.org/ for  more
                     details.   All  the  parameters  required  (username,  password,  recipient address, cookie
                     server, ...) are expected to be found in environment variables.   Run  proxycheck  with  -h
                     option  to  see  a  list  of  recognized  variables  and their default values.  By default,
                     proxycheck will anonimously submit all found proxies to unconfirmed.dsbl.org  (which  isn't
                     very  useful).  For trusted DSBL user, at least DSBL_USER and DSBL_PASS variables should be
                     set properly.

       -p proto_port_spec
              specifies protocol and ports to connect to.  If not  given,  proxycheck  will  try  it's  built-in
              default  list.   This option may be specified more than once.   See below for proto_port_spec.  If
              proto_port_spec is specified for a single host to check, it applies to  that  host  only,  and  no
              protocols/ports in default list will be checked for that host.

       -D     do not reset default port list when using -p option, but prepend new ports to it instead.

       -a     use  more  "advanced"  ports/protocols.   The  more  -a's  given, the more ports/protocols will be
              probed.  For a complete list of all ports and protocols and their level, execute  proxycheck  with
              -h option.

       -t timeout
              a  timeout,  in secounds, for every operation.  Default value is 30 secounds.  The timer starts at
              the connection attempt to the proxy itself, after sending the "connect" command to the  proxy  and
              so on.

       -m maxconn
              Do  not  attempt  to  make  more than maxconn parallel connections.  By default, maximum number of
              parallel connections limited by the operating system and on most systems it is around 1000.

       -M maxhconn
              Do not make more than maxhconn parallel connections to the same host (default is unlimited).  This
              may  be useful for overloaded proxies which can't handle many parallel connections using different
              ports/protocols, but may significantly slow down the whole process.

       -s     when an open proxy is found on a given IP, stop probing for other  ports/protocols  for  this  IP.
              Best  used when many IPs are tested, and/or with -M option.  This is because currently, proxycheck
              will not make any new connections to such host, but will wait for already  active  connections  to
              complete.

       -b bindaddr
              use bindaddr as a source address for all outgoing connections.

       -n     write  a  line  about  definitely  closed  proxies  to  stdout in additional to writing about open
              proxies, in a form
                 127.0.0.1 http:8080 closed

       -x     print extended proxy information (proxy-agent and the like) if available.  This  will  be  on  the
              same "open" (or "closed" with -n) line, last, enclosed in square brackets [].

       -i filename
              read  list  of  hosts  to  check from a given file filename (in addition to command line), or from
              stdin if filename if `-'.

   Protocol and Port specification
       Proxy protocols and ports to try (proto_port_spec) specified using the following syntax:
             [proto:][port,port,port]
       like:
             hc:3128,8080 (http protocol on ports 3128 and 8080)
             hc:    (default list of ports for http protocol)
             3128   (try http protocol on standard http port 3128)
             1234   (try all protocols on non-standard port 1234)

       Run proxycheck -h to see a list of supported protocols and default ports.

USAGE

       Simplest usage of proxycheck is to try to connect to e.g.  your own mailserver with  chat  check  method.
       First, connect to your mailserver on port 25 to see which line it outputs upon connection (SMTP greething
       line), and use it with chat:

         proxycheck -d yourmailserver.example.org:25 \
           -c chat::greething ip.add.re.ss...

       proxycheck will write a single line for every proto:port it finds to be open on stdout, in the form:
         127.0.0.3 hc:80 open
       where 127.0.0.3 is an IP address of a host being tested, hc is the protocol name (HTTP  CONNECT,  consult
       proxycheck -h for a full list of protocols) and 80 is a port number where the proxy service is running.

       In  addition,  if  proxycheck  is  able  to guess outgoing IP address of a proxy as seen by a destination
       system, and if that address is different from input proxycheck is  connecting  to,  it  will  print  this
       information too on the same line, like:
         127.0.0.2 hc:80 open 127.0.0.3
       where  127.0.0.3  is  outgoing  IP  addres  of a multihomed/cascaded proxy as reported by the destination
       system.  This IP address is hint only,  there  is  no  simple  and  reliable  way  currently  exists  for
       proxycheck to determine that information.  Proxycheck is able to parse a line sent by remote system in -c
       chat mode — in this mode, proxycheck skips all printable characters after expstr it  found  and  searches
       for opening `[', when tries to find closing ']' and interpret digits and dots in between as an IP address
       which gets printed like above.  If your mailserver's initial reply contains remote  system's  IP,  or  if
       your  mailserver replies with remote system's IP address to HELO/EHLO command, this feature may be useful
       (in the last case, HELO command should be specified in chat).

       When -n option is specified, for proto:ports which aren't running  open  proxy  service,  and  for  which
       proxycheck is able to strongly determine this, a line in the following format will be written:
         127.0.0.4 hc:80 closed
       Note  however  that  in  most cases there is no way to reliable determine whenever a given service is not
       open: for example, an open proxy server may be overloaded  and  refusing  connections.   In  most  cases,
       proxycheck  assumes  proxy  is  in  unknown  state, only a few codes are recognized as real indication of
       "closed" state.

       When -x option is specified, there will be additional proxy info written on the same line (if available),
       like:
         127.0.0.2 hc:80 open 127.0.0.3 [AnalogX 3.1415926]
         127.0.0.3 hc:80 open [AnalogX 3.1415926]
         127.0.0.4 hc:80 closed [AnalogX 3.1415926]

       One  may see some detail of proxycheck's operations giving sufficient number of -v options in the command
       line.  Verbosity level of 5 (-vvvvv) will show almost everything.  All the debugging output  will  go  to
       the  standard  error  stream  and  thus  will not affect normal operations (when you process proxycheck's
       output using some script).

EXIT CODE

       proxycheck will exit with code 100 if at least one open proxy server was found.   In  case  of  incorrect
       usage, it will exit with code 1.  If no open proxies where found, proxycheck will return 0.

LICENSE

       This  program  is  free  software.  It may be used and distributed in the terms of General Public License
       (GPL) version 2 or later.

AUTHOR

       proxycheck written by Michael Tokarev <mjt@corpit.ru>.  Latest version of this utlilty may  be  found  at
       http://www.corpit.ru/mjt/proxycheck.html.

                                                                                                   proxycheck(1)