Anti-proxy: how to detect your IP if you are using an anonymous proxy server?
+ C7 u3 I% t$ K3 a7 R& F _As you already know, there are anonymous proxy servers that can be used for surfing the web anonymously. It is also interesting to know, is there a way of tracking down a web-surfer behind an anonymous proxy server." H/ f' d8 y, N5 P4 n/ V2 F! x
Yes, there are a number of possibilities not only to detect a visitor using several anonymous proxy servers, but also to detect his real IP even if he is using an anonymous proxy server.
9 N7 m+ j I# K$ [6 W. U! t# i# q: _
" t3 s, \1 k' ^6 l, f1 ?* \: H" J' [Cookies
4 ~7 j0 D8 E8 d0 ^' s1 f% JAt first sight, cookies are not anyhow related to proxy servers. Cookies are used to transfer small portions of information from the web server to the client as an addition to the requested web page. This additional information is stored in the client s browser and is retrieved by the web server. Cookies can be both temporary (for one-time use during a web session; when the session is over, these cookies are deleted) and long-term (for continuous store on the client s machine).* h% Y/ P9 J+ h0 b& i" N# f! g: E* H
So, why do we need cookies? For example, if the password is requested while checking your e-mail box. After you have entered the password, it is stored in cookies, so each time you browse from page to page, the web server would check the password in the cookies instead of asking for it on every page.0 w2 z. E+ X5 q6 G4 U0 m0 L
4 J* ] H. v0 z' X0 qHow can a cookie help to detect a proxy? You cannot detect IP with the help of cookies. However, when you first visit a web site, the IP (i.e. your proxy server s IP) is detected by the web server and then stored in the cookies. When you re-visit this site, the web server detects your IP again and checks it with the one stored in the cookies. If the IPs are not the same, the web server can make certain conclusions. And if you don't disable cookies in your browser, no proxy will help you (anonymizers can disable cookies and stop relaying them to your machine).. \0 P- j0 D5 F# A1 m5 a& ^
2 B0 [( c/ c1 r; @7 T, i0 V+ r
JavaScript / VBScript) i3 _6 @% ?3 L( m
There are special subprograms (scripts) run by the client s browser. Therefore, no matter how hard you try to setup your browser (unless you disable these active scripts), you won't be able to hide your real IP. These scripts are actually classified as simple programs and have very limited number of functions, however they are able to detect your IP as well as many other settings of your browser. These scripts can change your browser settings too!
; m- D9 t& A; ~5 h+ i
1 V1 y+ t7 M$ k. o3 d$ K8 o/ iThere is a multilevel protection from these scripts. You can restrict a script from accessing your browser features. However, the best way to protect your browser is completely disabling active scripts. You can disable scripts directly in anonymizers.
' l9 o- ^# i* \
/ x3 S j% C% `# OJava
3 z9 I# T$ t) ^( Z# `Unlike JavaScript, Java is a full-featured programming language. So Java scripts have many additional abilities (particularly, detecting or changing your browser settings). In other words, Java programs can easily detect your IP and partially the settings of your browser.
' i+ k) z8 J. E+ u- O9 b6 b
8 ]# m5 @( A PAs far as it goes to protecting your IP from being detected by Java scripts, all is much more complicated: the most secure and probably the only way is to completely disable Java in browser settings, as long as Java has many network functions and it's quite difficult to switch them all off.( h* G: B+ N- m0 O7 Y$ x( ?" }
$ L* ^6 v, K0 P* Q2 b7 D2 tActiveX and plug-ins
; D- _. `. Y( P% c% Y9 n, |+ JActiveX and plug-ins are various add-ons and modules of your browser. These modules are in fact real proper programs run on the client s machine and therefore they have wider capacities than Java and Javascript. They can easily detect your browser settings and track down your real IP address. What's more, they can even easily change your proxy server s settings!9 |: h, e, h, _
L. T6 L/ _# |. W$ c4 @
To secure your browser and IP address, disable ActiveX and plug-ins options in your browser settings.9 {5 w8 C( S5 u' u' A
' h4 a1 I R+ @1 W4 f) b* b
Armour vs. bombs% m, j* o6 M0 f5 h6 t. s w
The war between those who want to stay anonymous web-surfers and those who want to know all about their clients and visitors will never end. There always will be new ways of hiding your life inside the web, likewise there always will be new technologies to hack or to pass this protection.# s4 p0 K# V6 \2 ]6 u \4 e
9 H8 H' h4 L# ?) [5 e+ l( Y% p& \! yYou can secure your IP using several methods:
9 ~! _3 ]* i1 [8 G% M# ^ F( H J; o+ {" v Q
Restrictions
; J$ v. W( n' |' B2 idisable cookies
- H' l8 {5 @3 [; [, g4 sdisable active scripts
, K% V% {/ p" R, Q" s$ Ldisable Java
5 W3 F' B5 J: R1 `1 v. t* P" Cdisable ActiveX 2 x1 @, I! O, \" y& t8 e) h' p
Use socksification in your browser. This will enable relaying all the information your browser or any other software sends and transfers to the proxy server. 4 ^# A, b% I( W! z" o( u" ~# f
The first method of protection is very easy to pass: it only takes building a site based on Java/JavaScript/Cookies (for example, dynamic menus, etc.). In this case, if you switch off the active scripts, the site will not work (e.g. if you disable cookies, your access to web mail servers may be denied).- Z8 O5 Z; k5 }/ m
7 [8 F5 K1 i* V8 {; ?The second method doesn't provide a 100% guarantee that your IP address will be really protected. Here's why. There are two methods to identify your IP:
3 N: J1 o0 X) u, S% g/ `) K2 i4 ~8 \8 ^) N, k
A Java program connects directly to the Internet (without using proxy), even if your browser is set to work via proxy. So the server gets your real IP address from this Java program.
& R o0 x* T% M5 i! u, LYour Windows settings may be scanned for your real IP address. & t+ W" d2 Q# d
So, socksification can guard you from the first method of IP tracing, but it's totally useless when dealing with the second method.- s1 R& W9 s/ K$ S u2 K' ?2 ?8 [/ @
% s8 H5 x% s$ `: ^. M3 WWhat you need to do if you wish to stay anonymous with enabled Java/JavaScript/ActiveX: ( h# ]$ j# d$ I+ U0 M, z
What's the core of this task and what do you need to do in order to make it work?, t* `7 t/ Q3 v# }5 _+ O6 F5 i
1 q+ k9 V1 V L2 q7 X( Ohide real external IP address in Windows settings
: V3 x" O: ~, I& j' q! _9 qdisable direct connection to the Internet (route it only via an anonymous proxy server) . ]! V; u( a; D
There are two options to solve this problem:: X7 c: w( t! l2 I7 o
; U( g L0 i: ~7 _6 y b: j" l0 aYou need to set up LAN, local IP addresses (192.168.1.x or alike). A corporate proxy server should forwards ALL requests to a free anonymous proxy server (you need to have skills and rights of a system administrator in order to do that). It's impossible to connect to the Internet bypassing a corporate proxy, as long as external IP address is not assigned to local machines. It's also impossible to scan local machine's settings: even if Java/ActiveX applets detects and gives out your local IP address (192.168.1.x) to the web server, your anonymity will remain unbroken. So, basically, you can rate this option as 100% anonymity.
/ d" W, K3 G5 l" d' v; h! XInstall Firewall on your machine and restrict all the connections to the Internet (except for the anonymous proxy server) from a browser. It's also recommended to use port mapping for this free anonymous proxy server and define the browser's proxy as 127.0.0.1 with the local port from port mapping. However, this option can be insecure, because your real external IP address can be transferred to the server (the script will scan the Windows settings and detect your real IP).
* N) h+ h! d# x9 q+ Y" R; g5 GAnd finally: any proxy server, especially a free proxy, keeps logs (reports) with detailed information on every IP sending requests to it as well as on the time of requests. So, any person or organization authorized to access this information can always find out what places in the web you have visited and what you did there, even if you use a chaining of 10 anonymous proxy servers located in different parts of the world. |
|