What is with it saying proxy detected

Printable View

June 3rd, 2003, 01:21 AM
tammy_hope

What is with it saying proxy detected

What is with it saying proxy detected under neath the amount of posts iv made?? and above the tutorials posted??
please inform me of this if u know...
thanks...
June 3rd, 2003, 01:39 AM
tammy_hope

So is it a good thing that it is being publacized, i havnt seen anyother ppl with it detected thats all...
June 3rd, 2003, 01:40 AM
Negative

test...
June 3rd, 2003, 01:41 AM
tammy_hope

Negative waht do u mean when u say tese??

Negative what exactly do u mean when u say test??
(sorry 4 dub post was correcting spelling)
June 3rd, 2003, 01:46 AM
Negative

test2
June 3rd, 2003, 01:46 AM
tammy_hope

ok so how can i get rid of it "hide it" from public view??
June 3rd, 2003, 01:51 AM
Negative

Tammy > I just tested it, and it works...
If it says you're using a proxy, you probably are. Try this... does it say you're using a proxy? If so, do a Google on htpp/socks/whatever-proxies... to summarize: yes, it *can* be a good thing... There are loads of posts on AO explaining what a proxy is...
June 3rd, 2003, 01:51 AM
tammy_hope

How did u test it?? p.s verry cute bitmap, ok thats weird...
please explain what that ment
June 3rd, 2003, 04:13 AM
MemorY

Quote:

What is an HTTP proxy?
When you use a web browser (such as Netscape's Communicator or Microsoft's Internet Explorer) to view web pages from the Internet, the browser uses HTTP (Hyper-Text Transfer Protocol) to request the text and images from the remote server. These requests are made directly from your browser to the remote machine. HTTP also allows you to use an intermediary to make the requests on your behalf. Such an intermediary is known as a proxy server.

When configured to use a proxy, your browser makes HTTP requests to the proxy instead of going directly to the remote host. In turn, the proxy makes the same request on your behalf. The idea was developed originally to allow folks working on a private network hiding behind a secure firewall egress through the firewall to HTTP servers on the outside. The proxy was part of the firewall and its use would further enhance security by disguising the origin of the HTTP request.

This idea has been elaborated upon in recent years to provide other enhancements to HTTP.

From :http://www.vineyard.net/vni/faq/proxy.shtml

http://mikhed.narod.ru/en/free_proxy/faq/ ( for newbies and advanced user FAQ's on Proxy )
June 3rd, 2003, 05:13 AM
cheyenne1212

Just for the heck of it I found a public proxy and am usiing it right now but it sure does slow my internect connection down. I am using dial up, but this is ridicuously slow with the proxy server.
June 3rd, 2003, 06:05 AM
tammy_hope

thanks doods 4 ur answers,
June 3rd, 2003, 06:23 AM
MemorY

cheyyenne ... depend what kind of Proxy server you are suing .. here are some good websites with lot of proxy servers to use ....

http://www.proxybench.com/proxy/proxylist.asp?

http://theproxyconnection.com/proxylist4.html

http://www.multiproxy.org/all_proxy.htm

http://www.proxys4all.com/topten.shtml
June 3rd, 2003, 02:13 PM
Networker

Cool test negative!
I'm wondering how the proxy detection works and if it could be turn around!

I can't find any RFC on the subject except "Classical versus Transparent IP Proxies", RFC1919, INFORMATIONAL.

Is there a bit smwh in the HTTP header giving the info? if yes can it be changed?
June 3rd, 2003, 02:51 PM
Negative

Networker:

Here's the (php)-code for the proxy detection script:

Code:

<?php print ("Your remote address is $REMOTE_ADDR "); print ("Your remote host is $REMOTE_HOST "); print ("You're being forwarded from $HTTP_X_FORWARDED_FOR "); if ($REMOTE_ADDR = $HTTP_X_FORWARDED_FOR) { print ("You seem to be using a proxy "); } else { print ("You don't seem to be using a proxy "); } ?>

Cheyenne: if you're after a proxy for anonimity, you'll probably be disappointed by the speed (unless you're willing to pay). What I use is a caching proxy: all it does is cache webpages that are requested, thus speeding up my connection. Whenever I request something that has been requested before, my browser will just grab it from the cache. By no means is it anonymous: the HTTP_X_FORWARDED_FOR header will reveal my 'real' information.
June 3rd, 2003, 03:50 PM
neel

The php script Negative posted just compares the $REMOTE_ADDR wich contains yer real ip (the proxy needs to know were to send it) and the $HTTP_X_FORWARDED_FOR wich contains the host of the proxy (wich you can change with software like proxomitron btw). So if it says proxy detected, you don't have an anonimous proxy... Maybe that cleared it up a little more...
June 3rd, 2003, 03:58 PM
RogueSpy

Test
June 3rd, 2003, 04:00 PM
DjM

Quote:

Originally posted here by RogueSpy
Test

And what is it we're testing Rogue?

Cheers:
June 3rd, 2003, 04:10 PM
RogueSpy

damn. . . . oh well.
June 3rd, 2003, 04:14 PM
neel

lol

test from me to then... this one should be *wihout* the proxy detected, while my previous was with one...
June 3rd, 2003, 04:16 PM
Networker

yeah thanx neel & negative for the tip,
assuming the fact that proxy being used is not anonymous, where within the HTTP protocol signaling does the real IP given out?

To be more specific do u know where I could find a sort of Proxy implementation "standard"?
June 3rd, 2003, 05:14 PM
RogueSpy

ack. . . can't find a proxy on those sites that works.
June 3rd, 2003, 05:52 PM
Networker

I found an RFC as a proposed standard for proxy apps. RFC1928

The protocol is called SOCKS, but I don't know how wild it is used in the "real world" and I can't found any info about the real IPaddy being propagated within signalling.

I can undersatnd the Negative script but where is coming from the $REMOTE_ADDR ???
I can't figure it out :(
June 3rd, 2003, 06:12 PM
neel

The webserver recieves packets from you with information about were to send it back to. The webservers pases it to the php variable $REMOTE_ADDR and $REMOTE_HOST... you can't just change them because you wouldn't be able to recieve anything back. The x_forwarded_for can be easily changed, because it doesn't really have a role in the whole system exept for giving some intel to scipts that use it... You can only change the $remote_addr by using a different ip, wich can be done by a proxy who sents a request for the page of it's own and then sends it to you again, so the server doesn't get to know your ip in any way. Like Negative said, those things are often pretty slow and/or cost money... Is that what you wanted to know ?
June 3rd, 2003, 06:24 PM
Negative

$HTTP_X_FORWARDED_FOR origininates from the http-request itself.

$REMOTE_ADDR doesn't: $REMOTE_ADDR originates from the IP-header (a header added on the Network-layer level by the IP protocol, containing both the transmitter's and the receiver's IP-address).

Here is a nice overview of the socks-protocol.
This part is interesting:
When an application client needs to connect to an application server, the client connects to a SOCKS proxy server. The proxy server connects to the application server on behalf of the client, and relays data between the client and the application server. For the application server, the proxy server is the client.
This makes a socks-proxy as good as anonymous (given that the socks-owner is trustworthy).
You'll also find a tool called Sockscap on that site. It allows you to 'socksify' any internet-based application (browser, e-mail, irc,...). All you need is a socks-proxy that allows connections. There are hundreds of lists of 'free' socks proxies, but finding one that actually works (let alone works *fast*) is umm... not easy. What you could do (and what would be illegal) is scan a range of ip-addies for open 1080-ports, then use Sockscap to connect through them. Illegal and slow, but as good as anonymous... There are services that allow you to do the same if you don't mind paying...
June 4th, 2003, 09:45 AM
Networker

thank u both;
here is some additional info extract from RFC2616 HTTP/1.1

Quote:

Elaborate user-customized accept header fields sent in every request, in particular if these include quality values, can be used by servers as relatively reliable and long-lived user identifiers. Such user identifiers would allow content providers to do click-trail tracking, and would allow collaborating content providers to match cross-server click-trails or form submissions of individual users. Note that for many users not behind a proxy, the network address of the host running the user agent will also serve as a long-lived user identifier. In environments where proxies are used to enhance privacy, user agents ought to be conservative in offering accept header configuration options to end users.
As an extreme privacy measure, proxies could filter the accept headers in relayed requests. General purpose user agents which provide a high degree of header configurability SHOULD warn users about the loss of privacy which can be involved.
June 20th, 2003, 06:24 PM
noODle

I am not 100% clear.
When I post this one it does not say proxy detected.
However when I visit all-nettools.com it tells me the address of the proxy as well as my own address (like the script from Negative). Then when I visit Negatives site it is telling me I do not appear to be using a proxy BUT returns me the IP of the proxy server and NOT mine.
Also on GRC it reports the IP of the proxy.
Am I missing something here.
Not that it matters that much but I am just curious.

Thanks
NoOdLe :)
June 20th, 2003, 08:39 PM
bludgeon

Nope, that's what Neel said, if it doesn't say proxy detected then your proxy is anonymous, if it does say it then it's a cache proxy or something similar. . . :), heh heh, I can learn.

Quote:

So if it says proxy detected, you don't have an anonimous proxy... Maybe that cleared it up a little more...
June 20th, 2003, 08:42 PM
noODle

Ah that clears it up. Guess I missed that when I was reading the thread.
Thanks bludgeon.