nmap -sS -n -Pn --max-retries 1 -T 4 --script socks-open=proxy xxxxxx/xx
Select allOpen in new window
Nmap scan report for xxxxxxxx
Host is up (0.016s latency).
PORT STATE SERVICE
1080/tcp open socks
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent
the standard protocol for 1080 is socks proxy
the port being 1080 ca, also be a web server but you can't be sure.
first try and declare the host and port as a socks server and see if it works. if yes, you have your answer.
try and connect with telnet. if you get a banner, you probably have the protocol written in the banner.
nc smtp.gmail.com 25
220 smtp.gmail.com ESMTP f17sm15860558wmf.10 - gsmtp
for banner-less protocols, you'd have to fish and expect to be lucky. often, sending a dummy or empty query will produce a reasonably significant error string that will help you guess.
sending "DUMMY" as a request to a web server produces an error that is obviously HTTP
$ nc -v localhost 80
Connection to localhost 80 port [tcp/http] succeeded!
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<title>501 Not Implemented</title>
<p>DUMMY to / not supported.<br />
<address>Apache Server at 127.0.1.1 Port 80</address>
in some cases you'd be less lucky. i do not know of a working all-purpose detector ( but many which claim to be able to do so are actually dummies )