[GTALUG] How to find out if you're behind proxy?
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Thu Mar 2 15:44:45 EST 2017
On Thu, Mar 02, 2017 at 01:54:10PM -0500, William Park via talk wrote:
> Hi all,
>
> Do you know any simple way to find out if you're behind a proxy?
>
> Usually , I get "Connection reset by peer" when I ssh to a machine which
> only accepts my key. But, that message could be caused by other
> problems.
Well I don't think there are proxies for ssh in general, but a firewall
could do that too. A proxy tends to require support from the client,
although there are transparrent http proxies.
Now if you do something like ssh you could do this:
I do ssh from one machine to another at home (from 192.168.1.2 to
192.168.1.50 in this case) and then I run netstat -an|grep :22|grep EST
on both and get:
On 192.168.1.2 (the source machine):
tcp 0 0 192.168.1.2:57550 192.168.1.50:22 ESTABLISHED
On 192.168.1.50 (the target machine):
tcp 0 0 192.168.1.50:22 192.168.1.2:57550 ESTABLISHED
So both agree on what the source and destination ports are for the
connection. So that is most likely a direct connection. A firewall might
be able to pass you through without changing the port, but not always.
Also the source and destination IPs match in this case too.
Meanwhile a different connection looks like this:
On target machine:
tcp 0 36 192.168.1.2:22 216.13.88.82:51088 ESTABLISHED
On source machine:
tcp 0 0 10.0.2.15:44802 69.165.217.208:22 ESTABLISHED
The ports don't match, the IPs don't match (at all), so clearly at least
one firewall is involved and most likely at least two in this case.
But really the best bet is to check if your idea of the source IP
matches the remote ends idea of your source IP. If they don't, then
your connection went through NAT or a proxy or something else similar
that changed the source IP (and often the source port too).
--
Len Sorensen
More information about the talk
mailing list