New section for online security

[C21H30O2]

Hee hee at Danasoft images. So many people get alarmed by those.

Every web site you visit will know your IP address (or that of the proxy you're using). It's the only way they can get get the data packets back to you. Your browser will also send an identification string (identifying the browser, not the user) so that any scripts or content that is browser-dependent or needs to be customised can be dealt with properly.

yes that is true if you use a external proxy it wont show your ip as the webpage is opened at the proxy side before it is re transmited down to your screen. all sites will see your proxy address rather then your real external ip

the real meaning of proxy server is: proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services

most schools and computers use proxy servers to filter information and so on. for example if you use your 3g and are on any network and try browsing a adult site like gambling (i do love roulette) it says confirm your age by entering your bank details that is the proxy server picking it up as a age restricted site and pointing to another website.

[C21H30O2]

ow i forgot to say before but using hidemyass is pritty good at hiding your real external ip its a free external proxy. how ever the add at he top is very annoying and it can be slow as alot of people use it

[Anonymiss]

yes that is true if you use a external proxy it wont show your ip as the webpage is opened at the proxy side before it is re transmited down to your screen. all sites will see your proxy address rather then your real external ip

Fair point. But it does depend on how anonymous the proxy is. Some, in fact quite a few, will pass HTTP_VIA, HTTP_PROXY_CONNECTION, HTTP_X_FORWARDED_FOR and CLIENT_IP headers which will give the user's real IP address away.

the real meaning of proxy server is: proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services

I know. I spent a few years installing, configuring and running proxies and other services.


These proxy tests may be useful to some of the people reading this thread:
http://checker.samair.ru/
http://www.lagado.com/proxy-test

Firefox users may want to investigate the FoxyProxy addon, which is a relatively easy to use proxy manager.

[C21H30O2]

fookin ell.. i ain´t got a clue wot ur on about.. lol.lol.. but i did like the clever use of ur name m8(C21H30O2).. so are we safe on ere or not-- :P

cant say havnt tried getting into the server and dont want to get banned :$

[C21H30O2]

Fair point. But it does depend on how anonymous the proxy is. Some, in fact quite a few, will pass HTTP_VIA, HTTP_PROXY_CONNECTION, HTTP_X_FORWARDED_FOR and CLIENT_IP

this totaly depends on how the proxy is setup. on how headers are passed down it is not by default for all proxys

by far ubunto or other linux flavour systems are alot easier to hide on the internet then a windows machine
i dont use proxy the field of technology is a diffrent flavour. if you want to go super duper secure you could always put a 2048bit cert on this site and stick it https :P but i really dont see the point of that

[Anonymiss]

this totaly depends on how the proxy is setup. on how headers are passed down it is not by default for all proxys

I know, and I did say 'some, in fact quite a few'. There are a lot of badly-configured servers out there.

The most popular proxy software, Squid, passes some or all of those headers by default. They have to be specifically disabled in the configuration files. It's the same with browser identifier strings.

I mostly don't use proxies any more, and use Tor instead.



ETA: Just in case any readers misunderstand, Squid is server-side proxy software. It's not something that you run at home.

[Anonymiss]

if you want to go super duper secure you could always put a 2048bit cert on this site and stick it https

That will stop people snooping the traffic (unless someone stages a MITM attack) but it won't stop a site getting your IP address.

[C21H30O2]

I know, and I did say 'some, in fact quite a few'. There are a lot of badly-configured servers out there.

The most popular proxy software, Squid, passes some or all of those headers by default. They have to be specifically disabled in the configuration files. It's the same with browser identifier strings.


I mostly don't use proxies any more, and use Tor instead.

i think sticking to linux/ubunto in a vm is m prefered method :P or grab a vpx its free :P

[Diply]

i love a supernerd conversation as much as the next guy, but it might be too much information fo some. I think vjxs is after an 'anyone can follow this' type of guide?

[C21H30O2]

That will stop people snooping the traffic (unless someone stages a MITM attack) but it won't stop a site getting your IP address.

its not about the site getting the ip address thats conserning at the end of the day a requset is sent from your desktop to the site from a ip then must be forwarded back to some were. and that foward is back to u using a ssl connection stops users from getting info off a site with out going threw medium to hard penenertraion attacks. for a program to decrypt a 2048 bit cert it takse 3 years for a 1024 it takes 3 days...