Is it possible to detect if a proxy is intercepting and sniffing or modifying data

I was watching a video on burp suite and proxy so it made me think. What if someone setup public proxies that anyone could use and also ran a tool like Burp suite to sniff and/or modify data.

Is this a serious security concern where any proxy you do not have control over should be avoided or can you detect this MITM based attack know that the proxy is safe to use.

Replay

So, most people seem to think this is impossible. Ttl alteration gives you some hopes in identifying both nat translations and network proxies. Firewalking techniques are sorta helpful. But you'll almost have to manually adjust it for each situation. I don't know that there is a standardized suite for identifying proxies that may affect traffic in this manner, but there probably should be.

If you use open proxy lists, yes people can mitm your connections. SSL chains can be caught and reworked but the user will notice the ssl issues. Good thing there is that people CONSTANTLY IGNORE SSL CERTIFICATE ERRORS ( https://nakedsecurity.sophos.com/2015/02/03/google-redesigns-security-warnings-after-70-of-chrome-users-ignore-them/ ).

But there is hope. It's getting better. Slowly...

Category: http Time: 2016-07-30 Views: 0

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development

search

Front-end development

Database

development tools

Open Platform

Javascript development

.NET development

cloud computing

server

Copyright (C) avrocks.com, All Rights Reserved.

processed in 3.613 (s). 13 q(s)