I give up trying to understand this. Initially you were complaining about port 80 being open on your host, you gave us a list of open ports - not an nmap of another host. So now a transparent proxy is the concern? On Wed, 30 Mar 2011 15:45:18 +0530, Partha Chowdhury wrote:
nmap -sV 115.187.45.97
Starting Nmap 4.20 ( http://insecure.org ) at 2011-03-30 15:06 IST Interesting ports on 115.187.45.97: Not shown: 1696 filtered ports PORT STATE SERVICE VERSION 80/tcp open http? 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port80-TCP:V=4.20%I=7%D=3/30%Time=4D92F9D0%P=i686-pc-linux-gnu%r(Help,D
Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ . Nmap finished: 1 IP address (1 host up) scanned in 114.226 seconds
So it seems my ISP is running squid version 3.2.0.4-20110203 in transparent mode , just like you said.
Interestingly when connecting to random ip addresses on port 80, the error page returned is quite different from normal ones.
http://www.freeimagehosting.net/image.php?280f0ef980.png
Does this transparent proxy pose any threat and what can I do to stop that ?
-- Simon Perry (aka Pezz) [ s a n x i o n . n e t ]