I give up trying to understand this.
Initially you were complaining about port 80 being open on your host,
you gave us a list of open ports - not an nmap of another host.
So now a transparent proxy is the concern?
On Wed, 30 Mar 2011 15:45:18 +0530, Partha Chowdhury wrote:
nmap -sV 115.187.45.97
Starting Nmap 4.20 ( http://insecure.org ) at 2011-03-30 15:06 IST
Interesting ports on 115.187.45.97:
Not shown: 1696 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http?
1 service unrecognized despite returning data. If you know the
service/version, please submit the following fingerprint at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port80-TCP:V=4.20%I=7%D=3/30%Time=4D92F9D0%P=i686-pc-linux-gnu%r(Help,D
Service detection performed. Please report any incorrect results at
http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 114.226 seconds
So it seems my ISP is running squid version 3.2.0.4-20110203 in
transparent mode , just like you said.
Interestingly when connecting to random ip addresses on port 80, the
error page returned is quite different from normal ones.
http://www.freeimagehosting.net/image.php?280f0ef980.png
Does this transparent proxy pose any threat and what can I do to
stop that ?
--
Simon Perry (aka Pezz)
[ s a n x i o n . n e t ]
