HTTP Proxy Open Relay Detection
Info Nessus Plugin ID 10195
SynopsisThe remote web proxy server accepts requests.
DescriptionThe remote web proxy accepts unauthenticated HTTP requests from the Nessus scanner. By routing requests through the affected proxy, a user may be able to gain some degree of anonymity while browsing websites, which will see requests as originating from the remote host itself rather than the user's host.
SolutionMake sure access to the proxy is limited to valid users / hosts.