Thursday, May 15, 2008

Using proxies (the basics for noobs)

1. Introduction:

This is intended as a summary of proxy basics. A reminder as to why its required. Anonymity is needed because there are people who surf the net looking for other people's ip address or url name so they can then publicly malign them by finding their "true" identity and telling the world this person eats spam or likes to watch the grass grow, or in the case of an Advertising Corporation which will sell your identity to some retailer like WalMart. So some basic precautions that you need to take to avoid this are: using a proxy, disabling all cookie options, java, active-x, and all scripting options in your internet browser, print and file sharing in NetBios, and also installing a firewall. The following text attempts to be a summary of those basic methods by which you can anonymously communicate with other like minded persons.

2. Just a number? :
Before you can understand how best to protect your privacy, it's helpful to know just what information you're generating when you connect to the net, and how easy this is to trace.

At the very lowest level, when you connect to a website it will receive a record of your IP address - the unique number that indicates which computer you're using. If you use an ISP like Demon, that gives you a fixed address, that's enough to pinpoint your account. With a dynamic address, it'll pinpoint the modem line you connected to. Finding out which customer was using that line means matching up a time with the records from the computers that handle your login. On a busy system, that could mean finding one from tens of thousands of entries, but it can be done. This is how the police were able to track the source of the Love Bug virus to a dialup account used by a group of students in the Philippines. Some systems, such as AOL, might share an IP address between more than one user. The same is true of some corporate gateways to the net; but even so, there will usually be a way to work back to a specific system, even if it involves trawling through pages of log files. One way of hiding these sites is to go via a proxy, making the address that appears in the web server's logs that of the proxy server. Of course, all that's really doing is adding another link to the chain, since the proxy server will have a record of what you're asking it to do. But with the Proxy Server resident in a foreign country this is time consuming, probably not practicable and faced with proxy chaining, most will just give up. This is also what makes proxy servers a useful tool for those who want to see what you're up to. Even though you may not think your web requests are going through one, many internet service providers (ISPs) use so-called 'forced proxying'. This means that all web requests are routed via a transparent proxy. You don't need to change any settings in your browser, but the effect is the same. For an organization or country that wants to control and monitor what people are seeing on the web, it's ideal.

Thoughts regarding the use of system logs as evidence: Log files make crap evidence, for a start they're easily forged, and you're reliant upon computer generated evidence. What jury will believe a computer over a human? At best log files are supporting evidence, in most cases they only show logins, connections and other impersonal evidence, no log can say BEYOND REASONABLE DOUBT that someone did something, they only say this machine number connected at this time, it don't say anything about the identity of the person. If in doubt, deny everything, after all its the job of the prosecution to prove you are guilty of some misdemeanor.

3. What is a proxy server:-
A Proxy Server is a firewall and cache server. It can allow an entire network of computers to access the internet(http or ftp) with a single IP. it can act as a kind of filter for that network. Let's say you have 3 computers in some small network in japan going through a proxy server, schematically it looks like this.

1. ------->|
2. ------->|Proxy Server ----> The Web Site
3. ------->|

If you are at home with internet access through your ISP, this is what your connection looks like :
(PC)------>Your ISP ----> The Web Site
If the proxy server in the network above allows other users to use it we can do this :
(PC)------->Your ISP ---->Proxy Server ----> The Web Site
From the above diagram we can go through the proxy server and hide our real ip address or url name! The Web Site will only see the ip address or url name of the proxy server and NOT that of your isp, thereby making you anonymous!

4. Why Use One:-

* To act as a security firewall or ip filter.
* To reduce the network load by caching commonly requested pages.
* To translate the material into another language.
* To improve access speed for users, achieved by caching.

Our interest lies in the first option i.e. becoming anonymous and Surfing Safe It isn't guaranteed that simply by using a proxy you will be anonymous. Some proxy servers will forward your real ip at random intervals others do it by default, others do by request from the web site that you visit. This makes it necessary to test your proxy for anonymous status at a Proxy Checking site. These sites will allow you to test the information or headers that are passed from the proxy server to the web site, careful inspection of these will allow you to decide just how anonymous you really are. An example header is:
HTTP_USER_AGENT: IE5 WIN2000which tells the site your browser and operating system type. So once you enter a website, and click any one of the files on the webserver, the website owners can find out these items of information about you, and much more:

1. Your IP Address.
2. Your hostname.
3. Your continent.
4. Your country.
5. Your city.
6. Your web browser.
7. Your Operating System.
8. Your screen resolution.
9. Your screen colors.
10. The previous URL you visited.
11. Your ISP.

5. Proxy Types:-
The two most commonly used proxy types are http and socks each uses the common ports 8080, 1080 respectively. http proxies are for use with your browser. Socks which is a valid proxy alternative allows you sockisfy http, ftp, telnet, nntp, and common chat protocols similar to icq, hotline.

For more information visit Proxy Server