Ive been hunting for a few places that have some good proxies, free/public of course... The only site that I have found to really be of use is: http://nntime.com/
Anyone got another site to share?
Printable View
Ive been hunting for a few places that have some good proxies, free/public of course... The only site that I have found to really be of use is: http://nntime.com/
Anyone got another site to share?
I use the proxies from this website the only ones I do use are the anonymous proxy servers running on port 8080. You can get them from here: http://www.publicproxyservers.com/page1.html and also
http://www.free-proxy-servers.com/fr...ss=list&page=1 <---which is very good. IMO
Here is a google search I did for you just to see what would come up here are the results: http://www.google.com/search?hl=en&q=public+proxies
http://www.google.com/search?hl=en&l...s+proxy+server
http://www.google.com/search?hl=en&l...s+%27europe%27
Hope this helps; Computernerd22
216.154.206.80:80
80.53.202.134:80
84.40.137.18:80
170.145.102.22:80
80.24.228.99:80
80.26.68.227:80
213.98.107.155:80
217.127.111.144:80
210.105.204.13:80
80.53.109.118:80
163.16.52.253:80
217.127.239.75:80
80.35.16.54:80
217.125.14.35:80
203.160.186.69:80
61.242.223.66:80
196.40.62.126:80
62.245.231.130:80
68.249.210.14:80
80.207.188.140:80
212.155.169.124:80
24.4.97.83:80
212.234.28.89:80
194.30.228.12:80
211.146.164.106:80
217.125.36.76:80
80.38.212.134:80
203.152.24.38:80
65.173.174.252:80
195.115.187.141:80
80.58.2.44:80
203.113.132.36:80
170.155.2.39:80
66.134.252.243:80
212.170.2.241:80
129.33.10.31:80
66.148.141.222:444
208.24.169.20:444
69.142.157.228:80
64.165.27.107:444
66.208.250.87:444
64.139.64.149:444
67.102.57.230:444
216.196.59.46:444
66.208.206.239:444
198.109.197.254:444
216.210.159.154:444
216.132.3.61:444
63.89.11.236:80
165.228.244.158:80
193.170.123.17:8080
193.170.123.19:8080
217.153.31.56:80
212.116.209.234:8080
84.50.73.110:80
194.30.228.12:80
210.17.252.52:3128
203.96.25.7:80
24.123.210.70:80
210.32.200.83:80
82.154.249.58:80
12.46.106.179:80
217.126.2.122:80
80.64.232.17:80
81.65.32.27:8080
82.67.10.175:80
129.33.12.42:80
80.245.39.46:80
80.26.116.218:80
66.1.140.125:444
24.232.26.59:8080
84.11.44.242:3128
217.125.21.161:80
210.17.170.14:3128
219.93.211.74:80.
217.180.28.210:80
216.41.79.170:444
210.226.234.18:444
66.208.233.86:444
65.84.245.158:444
210.212.31.194:3128
210.174.105.58:444
217.125.102.198:80
216.210.159.154:444
210.212.246.53:3128
210.105.204.13:80,
216.38.134.146:444
193.170.123.17:8080
pop.kripton.co.jp:444
210.141.111.34:444
63.167.184.11:80
219.93.211.74:80
62.39.118.246:8000
212.135.162.82:444
195.115.187.140:80
217.219.61.67:3128,
210.17.170.14:3128.
mail.gbblawyers.com:444
more.... tested for anomity
85.226.46.27:3382
84.50.73.110:80
84.244.4.225:8118
84.16.228.179:8080
83.250.144.119:3382
83.228.49.79:80
83.160.3.194:80
83.16.60.46:80
83.144.95.179:3382
82.67.10.175:80
82.237.216.153:80
82.205.221.7:80
82.201.185.22:8080
82.190.181.197:8080
82.185.124.122:80
82.161.8.82:80
82.161.48.17:8080
82.112.196.50:8080
82.105.73.81:80
82.101.132.204:8080
81.80.26.105:8080
80.28.207.180:80
80.254.183.75:80
80.237.140.233:80
80.227.56.46:8080
80.207.188.140:80
80.177.102.242:80
70.60.43.74:80
69.90.134.140:8080
69.251.108.153:8416
69.213.29.133:3128
69.168.129.246:2301
68.88.228.180:80
68.85.250.169:444
68.197.13.200:3382
68.188.74.181:6588
68.167.57.14:80
68.161.126.58:8080
68.157.145.20:80
68.153.138.82:3128
68.121.214.236:444
68.111.152.40:444
68.106.49.246:8080
67.99.4.162:80
67.72.25.2:80
67.39.117.208:8080
67.191.59.181:3382
67.180.239.246:80
67.153.93.162:80
67.136.230.150:8080
67.102.57.230:444
66.66.222.142:80
66.59.229.4:80
66.208.251.93:444
66.208.247.133:444
66.208.233.86:444
66.208.219.59:444
66.208.207.19:444
66.208.202.9:8002
66.208.200.72:8002
66.208.200.50:444
66.208.197.52:444
66.208.197.213:8002
66.208.192.171:444
66.194.253.203:80
66.12.7.222:2904
66.114.116.22:80
65.83.21.11:8080
65.68.11.185:444
65.43.75.57:444
65.171.1.12:8080
64.86.208.212:80
64.77.164.2:8080
64.76.50.66:6588
64.66.0.64:444
64.31.175.146:80
64.235.204.179:8080
64.166.236.145:444
64.139.90.42:444
64.139.81.211:8002
64.109.242.65:80
63.89.11.236:80
63.245.22.2:444
63.241.72.171:8080
63.218.109.130:8080
63.201.54.197:80
63.197.239.139:80
62.93.97.90:80
62.248.110.2:80
62.245.231.130:80
62.214.99.107:3128
62.121.71.181:80
61.74.253.23:444
61.64.69.11:80
61.61.254.197:80
61.40.120.110:2301
61.26.129.215:8080
61.25.81.189:8080
61.25.68.235:8080
61.222.62.106:80
61.194.238.60:8000
61.19.42.147:8080
61.19.158.50:8080
61.187.56.20:444
61.186.158.186:80
61.178.185.56:80
61.177.252.90:8000
61.153.27.226:8080
61.153.0.8:80
61.150.115.245:8080
61.131.63.62:8080
61.131.63.210:8080
61.131.56.186:3128
61.131.51.91:3128
24.97.174.130:80
24.9.182.116:8080
24.55.54.155:8080
24.44.191.114:3382
24.4.97.83:80
24.31.250.5:80
24.239.248.21:80
24.232.26.59:8080
24.232.206.186:3128
24.177.141.53:80
24.158.18.138:80
24.148.135.81:3382
24.128.67.59:8080
24.123.210.70:80
24.119.88.62:6588
222.126.60.206:8080
221.186.138.132:80
221.15.5.4:8080
221.142.244.144:80
221.116.183.53:8080
221.10.124.34:8080
220.202.150.210:80
220.162.198.229:3128
220.130.164.217:80
220.106.0.34:80
219.93.72.38:8080
219.93.211.74:80
219.93.190.194:80
219.235.236.101:8080
219.223.112.1:8080
219.163.86.170:444
219.163.53.83:444
219.149.233.179:8080
219.142.111.69:8080
219.123.226.91:80
218.94.76.250:3128
218.94.61.136:80
217.27.162.57:80
217.218.233.73:80
217.10.253.239:3128
216.65.197.216:80
216.62.178.67:2301
216.38.134.146:444
216.37.138.189:80
216.30.246.83:8080
216.154.206.80:80
216.154.0.62:80
216.142.65.247:8000
216.126.141.40:8983
216.101.137.93:80
213.162.50.228:80
213.139.47.84:8080
213.115.184.126:3128
212.123.204.115:80
212.0.128.2:80
211.98.24.6:8080
211.97.68.211:3128
211.97.67.33:3128
211.78.176.252:8080
211.162.30.114:8080
211.146.6.11:80
211.138.109.34:3128
211.126.213.36:8080
211.100.226.6:1026
211.100.226.43:1026
210.95.121.54:8888
210.83.8.142:8888
210.82.185.41:3128
210.73.73.108:80
210.61.82.71:80
210.51.192.194:8080
210.240.77.6:80
210.212.246.53:3128
210.212.204.242:80
210.212.204.241:80
210.212.0.193:444
210.210.75.100:80
210.193.7.126:8080
210.17.252.52:3128
210.105.204.13:80
210.0.209.47:80
209.7.219.21:8080
209.38.232.98:8000
209.158.161.50:81
208.44.224.121:8000
208.179.120.34:8000
207.248.240.119:80
207.248.240.118:80
206.253.46.6:8080
206.169.87.238:8000
206.167.24.22:80
205.208.226.61:8888
205.208.226.61:3128
204.253.88.73:1027
204.186.159.229:3536
203.90.127.147:80
203.41.255.141:80
203.199.92.158:80
203.175.254.38:808
203.169.250.29:80
203.146.227.227:80
203.144.216.211:80
203.116.214.2:80
203.115.81.114:6588
203.113.132.62:80
203.113.132.36:80
202.92.84.142:80
202.44.175.84:80
202.224.24.121:8080
202.218.5.239:80
202.110.36.15:8080
201.6.239.11:6588
201.225.30.242:8080
201.17.167.229:6588
201.12.24.253:3128
200.93.117.87:6588
200.89.98.128:6588
200.87.126.186:6588
200.54.170.163:80
200.54.153.122:8080
200.42.216.191:6588
200.253.154.142:6588
200.250.216.99:80
200.242.249.70:80
200.220.216.46:6588
200.201.179.50:8080
200.180.156.10:3128
200.177.221.94:6588
200.176.36.250:6588
200.155.57.39:6588
200.155.29.38:6588
200.123.9.122:80
200.107.34.233:80
199.227.27.158:8080
199.181.178.37:8080
198.248.90.200:8000
198.248.87.238:8000
198.183.172.232:2301
198.108.227.199:8080
196.200.23.100:8080
196.15.207.21:1028
196.15.164.228:80
195.55.164.8:80
195.28.185.208:3382
195.229.92.86:8080
195.228.228.120:3128
195.184.37.21:80
195.176.135.170:3128
195.15.15.210:8002
194.63.250.154:80
194.63.224.177:8080
194.63.196.89:80
194.30.228.12:80
194.249.66.110:444
194.129.118.249:8080
193.252.0.54:444
193.251.10.33:8000
193.197.168.75:80
193.188.77.2:8080
193.171.32.4:8080
193.170.210.9:80
193.170.207.5:3128
193.170.123.19:8080
193.140.140.70:8080
193.140.129.194:8080
192.165.223.227:80
168.172.128.94:80
168.11.49.5:8080
166.114.30.40:80
163.30.203.246:8080
148.244.150.58:80
148.244.150.57:80
148.244.150.52:80
145.99.192.88:3128
140.96.178.113:8080
134.221.51.39:2301
130.184.200.12:2301
129.33.12.42:80
129.33.12.41:80
129.192.124.6:80
12.46.106.179:80
12.223.123.55:80
12.154.0.243:8002
12.103.151.174:444
82.161.184.179:80
217.219.37.238:80
217.125.21.161:80
80.26.4.209:80
217.125.78.118:80
217.125.102.198:80
213.96.24.190:80
217.126.35.10:80
80.26.113.195:80
213.98.107.155:80
217.126.2.122:80
217.125.109.103:80
80.33.104.158:80
217.127.111.144:80
80.26.116.218:80
80.25.156.238:80
217.125.36.76:80
80.25.150.39:80
80.25.130.118:80
80.33.75.177:80
80.24.166.51:80
213.98.161.213:80
217.126.80.73:80
212.170.2.241:80
213.96.242.25:80
83.42.21.153:80
213.97.196.205:80
217.127.82.122:80
213.96.243.141:80
80.33.255.220:80
213.98.147.33:80
80.26.37.180:80
213.98.26.54:80
80.26.68.227:80
80.24.86.247:80
80.32.151.115:80
80.26.58.29:80
80.33.236.47:80
67.99.5.145:80
65.241.12.142:80
65.173.174.252:80
217.180.28.210:80
62.128.238.209:80
61.61.39.1:80
61.219.48.218:80
61.208.132.2:8080
202.203.208.160:8080
210.163.44.195:8080
219.94.45.37:8080
216.43.18.221:2301
204.153.192.1:80
213.255.224.143:3128
213.201.178.131:80
212.234.28.91:80
212.199.177.63:80
212.172.64.220:80
212.0.128.15:80
211.231.187.4:80
221.195.72.51:3128
202.89.38.122:80
210.253.40.113:80
206.72.21.225:80
206.111.141.20:2301
204.59.5.193:80
220.245.128.27:80
202.175.234.166:80
202.175.60.214:80
203.96.25.7:80
202.147.183.180:80
210.17.170.14:3128
202.128.84.65:80
200.58.179.119:80
200.31.137.108:8080
195.229.220.133:8080
195.115.187.141:80
194.27.157.249:80
193.170.207.11:3128
193.170.123.17:8080
168.143.113.13:80
168.143.113.12:80
165.248.104.111:80
165.228.244.158:80
163.20.121.66:80
142.26.1.3:80
And here is the biggest misconception about proxy servers. There is but one simple truth about proxies: they are not anonymous. If you care to test this truth, go ahead and do something stupid using an "anonymous" proxy. The term is as rediculous as the idea if you truly understand what a proxy is used for.Quote:
more.... tested for anomity
You may be able to duck and hide from those who don't understand how networking operates, but in the end, you will be pwn3d by those who do and by those who you will meet behind bars.
--TH13
Is there a way to use more than one proxy at a time?
like:
computer > proxy1 > proxy2 > site
I have used the proxy switcher for firefox where you can set it to change your proxy every so often, but what about chaining multiple proxies?
Yes you can use as many as you want , but the speed is the problem because as many proxys you put as slower your connection to that site will be. So there is no need for long proxy chains, and as thehorse13 said it wont help you if you are about to do something bad :)
Would you please elborate more on "why" proxies and even multi proxies are useless in hiding the host computer from any attribution. Please?
I am intested in tracking the intruder's down. I believe the term is called attribution.
To know your enemy and how they act and their weaknesses of course is my goal here.
Why/what can/should I be doing besides reviewing the logs and tracing the IP's?
Thank you
RP
Considering those proxies are more than likely college dorm room boxes and zombies they simply can't be trusted.
All depends on who owns them and how they're designed. Something like tor (http://tor.eff.org) for example (100 nodes now) which your connection runs through onion routers would be a better solution. I think it's encrypted between the onion routers too, so they don't know whats being passed through them either at any point of the routing. I'm not sure about that though...
It obscures your identity but to what extent depends on a lot.
edit:
I'm looking at tor and it looks like your traffic is encrypted until it hits the outer layer of the onion route. Wouldn't that mean that some kind of key would have to follow the path until it gets to the outer layer? And would that also mean that the routers have access to the traffic?
So in short, how does the end of the route decrypt the traffic originating from myself, without making any contact with me (the entire point of tor) without passing a key along? If the source would know the destiniation, to say provide it with a public key, then the destination would know who the source is defeating the purpose of the onion route???
Am I making sense? :bawling:
http://tor.eff.org/overview.html
First of all thanks for all the proxies and best locations to get them. Second, proxies might not be completely anonymous, but if you link/tunnel them to some of the fastest servers in your list.... You might end up surfing around a little slower, but if someone really wants to track you for something, at least you are making them work for it.
no comments on the onion router at this point.... :eek:
when i said tested for anomyty, these proxies doesnt spit your exact location. there are 5 levels, the best ones are level 1. why wouldt you try out one and find out.
Even the highest level anony proxy will still leave a paper trail (logs of some sort). It just depends on how much the server logs and how much someone wants to dig through IP's until they find you..
Introduction: This is a tutorial on chaining proxies for the use of becoming more anonymous while online. There aren’t enough tutorials online about this subject so I decided to make an attempt at writing one. Since it’s on the subject, I included a section on chaining wingates to become anonymous on telnet.
*************************
I’m going to assume that most of you have already used a proxy before to hide your real IP address or domain or maybe just used one to surf anonymously online. If you didn’t, well hopefully you can keep up and possibly learn how to use a proxy. Its also best if you know what an IP address or Domain is first, before reading this tutorial. Hmm, I guess I have to show you where to find a proxy too. Well I find that good, updated proxy websites are…
http://www.multiproxy.org/anon_list.htm
http://tools.rosinstrument.com/proxy/
It will be up to you to figure out which ones work or not. I’m not going to do all the work for you :-). You can check and see if the proxy works by going to http://www.privacy.net to see if your IP address changed.
*************************
Proxy Servers
A proxy is a server that acts as a gateway between your computer and your destination (website, IRC chat, etc.). These proxies receive requests from users to view, for example, a web page. The proxy will then forward the request to the internet, find your requested page, then send the web page back to you, the user. Most proxies come with a cache (sounds like “cash”) feature that saves former websites that were visited on that proxy. Think of cache as a proxy’s storage room. Each site that you make the proxy visit, it saves in its own storage area (cache). So if the user or someone else requests the same site again later on, the proxy will go back into its cache, find the web page and send it back to the user. This saves time because the proxy doesn’t have to go search the Internet for the web page. It just pulls the site out of its cache.
The use of proxies to stay anonymous is a favorite thing to do among people on the Internet who are either paranoid or just security conscious. The anonymity factor comes from the proxy’s ability to hide your true Internet address. For example, if I were to run a scan on your computer right now, I would get the Internet address that was given to you by your ISP (internet service provider), but if I were to scan you while you were using a proxy, then I would get the Internet address of the proxy server. Basically the whole proxy picture looks like this…
[User]>>>>>[Proxy]>>>>>[Web Pages]
Simple enough, right? Right. So now let’s get to the chaining part.
Proxy Chaining
Proxy chaining is merely connecting to more than one proxy and then to your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be. Remember, it doesn’t matter how many proxies you chain together, you will never be 100% anonymous. Let’s look at an example…
[User]>>>>>[Proxy1]>>>>>[Proxy2]>>>>>[Proxy3]>>>>>[Proxy4]>>>>>[Destination]
The example shows that for a proxy chain to be created, the user must first connect to Proxy1. Once the user is connected to Proxy1, from Proxy1, the user will connect to Proxy2, from Proxy2, the user will connect to Proxy3, from Proxy3, the user will connect to Proxy4, from Proxy4, the user will then connect to the intended destination (web page, Unix server, ftp server, etc.). All together we have 4 proxies in this example. Each proxy is a link in the chain. If the user would be scanned while on the proxy chain in the example, the IP address or domain of Proxy4 would appear on the scan. Now the problem with proxies is they tend to “die out” in a few weeks or less. It all depends. So if Proxy2 were to cease functioning, the chain wouldn’t work. You would need to get rid of Proxy2 and just use Proxy1, Proxy3, and Proxy4 or find another proxy to take Proxy2’s place. This is why proxy chaining can be a real pain if you are using them just to surf the net. If one dies, you have to figure out which one is the one not working, so you have to go through each one to check them or until you find the one that isn’t working.
Proxy chaining is a necessity if you plan on using proxies to execute a “hack”. If you are attempting to gain unauthorized remote access to any server, whether it is through telnet, ftp, or http, chaining is a must. As I said, you will never be 100% anonymous no matter what you do online so it is possible that you still can be tracked even if u chain proxies. Chaining just makes it a lot hard to track someone. To make it even harder, its best to use foreign proxies because if someone wanted to trace you, they would need to get logs of your use of each proxy from each proxy administrator. This could take quite a while or even never at all if one of the proxy’s, or all for that matter, belong to an admin in a country that isn’t too fond of the country you are located in. The longer it takes for the authorities to subpoena the logs of your usage of a single proxy from that proxy’s administrator, the more chance that the other proxies that you used in the chain will have their logs deleted by the time anyone gets to the server administrators of those proxies. So when attempting to do any kind of “hack”, it’s best to use at least five or six proxies in a chain.
HTTP Chaining
HTTP chaining is basically chaining a proxy server in your browser’s address bar. Example…
http://proxy.magusnet.com/-_-http ://www.google.com
Notice how the above proxy and destination (yahoo) are seperated by a (-_-) If you wanted to make a chain out of this you would simply add another proxy ex. ( http://proxy.server1.com/-_-http ://proxy.server2.com/-_-http://www.destination.com)
Another way to use proxys in your address bar is by adding the proxy IP or domain then the port number. Example…
http://anon.free.anonymizer.com :80/http://www.google.com
Notice how the above proxy and destination server are seperated this time by a (/) forward slash instead of a (-_-) dash, underscore, dash. To make a chain out of this you would again simply add another proxy ex. ( http://proxy1 :80/http://proxy2:80/proxy3:80/http://www.yahoo.com)
Browser Chaining
To browser chain is fairly easy. I’ll use Internet Explorer as an example since I believe it is the browser that most people have and use. First you need to find the Internet Options. You can do this by either finding the Explorer icon on the desktop, right click on it, then press properties or if you have a browser window already opened if you are online then you can go to Tools (or sometimes its View) and press Internet Options. Now that you have the Internet Options window up you can now go to the Connections tab, then go to the first Settings button (not LAN Settings, the one above it) and click it. Now you should be in the Settings box. Put a check in the box where it says to Use a proxy server. Now if you wanted to surf using one proxy you would merely put the proxy in the Address: space and put the proxy’s port number in the Port: space. To use a chain here you would put in a proxy along with a “:” colon then the port number followed by a space separting the next proxy then a “:” colon then the port number then a space and so on. The last proxy you add should have its port number placed inside the Port: space. If you did it, then it should look like this exactly…
Address: 213.234.124.23:80 121.172.148.23:80 143.134.54.67 Port: 80
***Notice that each proxy:port is separated by a space and that the last proxy has its port number placed in the Port: space. Do not check the box marked “Bypass proxy server for local addresses”. Press OK when you see that everything is in working order***
Wingates
A wingate is a proxy server that someone installs onto his/her computer which allows for a single or multiple online connection to take place through port 23, the default telnet port. Depending on their security, some wingates will allow anyone online to connect to them and usually stay “alive” or “working” anywhere from a few days to even months. There are people out there that scan for these Wingates and post the computer’s IP number or domain on their website to give anyone online a free list of them to use. You can also scan them yourself by using programs like WinScan.
Chaining Wingates Using Telnet
I’m going to assume you already know what telnet is so I will just get right down to it. To chain using telnet, you would first bring up the DOS prompt and type in “telnet” then your wingate. (Since telnet’s default port is 23 and all wingates run on port 23, the port number is not necessary but I will add it just to show you how you should type any port number out on screen) Example…
C:\WINDOWS>telnet 61.133.119.130 23
So now you have “telnet”, a space, the wingate IP, a space, then the port number 23. Once you are connected to the wingate it should look like this…
Wingate>
Now you would type your next wingate and port number in, then press enter like so…
Wingate> 203.207.173.166 23
You can continue to do this until you connected to as many Wingates as you need. Once you are finished with your wingates you would connect to your destination. Example…
WinGate>arbornet.org
So now the entire picture would look something like this…
C:\Windows> telnet 61.133.119.130 23
Wingate>203.207.173.166 23
Wingate>135.245.18.167 23
Wingate>m-net.arbornet.org
Connecting to host arbornet.org...Connected
Welcome to the Once and Future M-Net
FreeBSD 4.3 (m-net.arbornet.org) (ttypv)
Enter newuser at the login prompt to create a new account
Enter upgrade at the login prompt to find out about increased access
#1. IE 6 does not support proxy chaining. You fail to mention this.
#2. Go and look up what proxy servers are intended to do.
#3. Please attack my network using a proxy server and I will show you just how easy it is to get the audit trail.
From what I have read recently, In some countries, ISP's are no longer logging dynamic IP assignments for thier customers. Sort of makes the need for a proxy redundant.
http://www.theregister.co.uk/2005/05...os_ip_address/
Soda:
First link in the results
http://www.google.com/search?ie=UTF-...+while+online.
Good catch
I'm goona get alot of **** for this, but the only real use I've found for proxys of any sort is for port redirection, hiding from the RIAA, and browsing pr0n at school.
Let's be honest... the only way to "hide" is to spoof your MAC, connect to a random wireless point, preferably unsecured home routers, and NOT ****ING DO ANYTHING. Because the little old lady across the street got the ****ing license plate for your uber-1337 Nova while you were stealing wifi and called teh police.
If you're not going to take TH's word here, google DCS1000. It's a little black-box that will pwn your ISP's whole network......without any backtalk. They call it the long-arm of the law for a reason.Quote:
Originally posted here by thehorse13
And here is the biggest misconception about proxy servers. There is but one simple truth about proxies: they are not anonymous. If you care to test this truth, go ahead and do something stupid using an "anonymous" proxy. The term is as rediculous as the idea if you truly understand what a proxy is used for.
You may be able to duck and hide from those who don't understand how networking operates, but in the end, you will be pwn3d by those who do and by those who you will meet behind bars.
--TH13
Very good agent Starling. It appears that you are able to read between the lines. Do not worry about me coming after you, the world is a much more interesting place with you in it...Quote:
If you're not going to take TH's word here, google DCS1000. It's a little black-box that will pwn your ISP's whole network......without any backtalk. They call it the long-arm of the law for a reason.
;)
For those who don't get the reference, DCS1000 is the FBI's Carnivore project in a new wrapper. There are other mechanisms within ISP networks that make the notion of anonymous surfing a wonderful urban myth.
***Insert pure West Virginian accent*** You see a lot doctor.
I understand the carnivore situation and what not, and I was not asking about chaining proxies for doing something evil. I was just wondering if it was possible.
I have a question about proxies for IRC, i played with ezbounce and dircproxy a little bit, I am looking to use a proxy on IRC not to hide from the feds, but more to no publically display my ip to people of the script kiddie nature.
Any reccomendations on something like that?
Even IF DCS1000 put a stop to proxies, only higher authority has access to its contents. Someone correct me if I'm wrong. So the average joe would be stuck searching through the trail of proxies your hiding behind.
No one said proxies were 100% anonymous.
The number one reason for me to use proxies in the first place is to be able to at least have a different IP for anonymous reasons as said above.. With all the spam and worms on web pages I would at least like to have my IP posted on the net as least as possible.
As for chaining proxies, never done it but im sure ill try. Im sure there is going to be a day where I need to buy a 'select few' DVD's from the local web shop. Maybe I don't want Joe X at the online video rental store saying my name in his head while looking at my viewing selections... :(
In my opinion, if anyone would try to do somthing malicious it would be much easier to simply use a computer in a school, library, CompUSA or any other location w/ Innternet access. You'd only have to worry about cameras
Unless you went to a school or a library, then you would have to worry about the sysadmins like me that work there.
If "the evildoer" walks into Y O U R library (after he's been footprining your whole network for a week); downloads a custom script that schedules the exploit to run at such and such time from an anon. email service and runs it.
What I am saying that payload can be developed at home and neatly packaged to run from anywhere.
Well, if you are using a high speed connection and/or some kind of SOHO router (i.e. Linksys) then aren't you NATing your internal addy, effectively accomplishing the same thing as a proxy? Unless you have an MX record for your external routable IP and a mail server configured, why would this matter?Quote:
The number one reason for me to use proxies in the first place is to be able to at least have a different IP for anonymous reasons as said above.. With all the spam and worms on web pages I would at least like to have my IP posted on the net as least as possible.
This is what group policy is for. Our public PCs have zero install rights let alone access to administrative functions such as task scheduler. We have it so that users can browse the web and work on word docs stored on removable media. Once they're session is done, we have a method of sanitizing the host (no, not deep freeze) which resets it to our default config. Nothing gets left behind.Quote:
If "the evildoer" walks into Y O U R library (after he's been footprining your whole network for a week); downloads a custom script that schedules the exploit to run at such and such time from an anon. email service and runs it.
What I am saying that payload can be developed at home and neatly packaged to run from anywhere.
PS
If you think that admins aren't watching public access hosts then you are a complete fool. They watch them closer than hosts on their "trusted" network. I use that term loosely as I trust no network. ;)
there's no reason to call me a "fool" ...
you have to look at this scenario from an attackers prespective. if the attacker intends to DOS or do a "drive-by" attack that doesn't require more input from attacker (unlike extortion or interactive zombies) he/she can AUTOMATE AND TIME EXECUTION.
you made a very valid point about group policy (also add a physical access policy) but attacker will not use "your network" or "my network" simply BECAUSE they are secure. h/she will use a CompUSA e-machine, Best Buy application center and not every library has R. Stallmen sitting in a closet. In a weekend of driving around you can probably find and create 20-30 zombies in different places. then attacker can just DOS your "secure network".
this is goes to show to the uninitiated that security is everyone's problem
I agree with thehorse, this was all brought up because someone said they would go to a library or a school to utilize machies for an attack. He merely backed up my point that those places have system administrators too, and that security tends to be taken a little more heavy than security cameras.
question: Would Richard Stallmen help my security by being in the closet? Perhaps he could write a manifesto for me while he is there.
I agree security is important to everyone, in my opinion what would comp usa or a best buy need there computers hooked up to the internet for anyway? The demo models for sure? They are asking for abuse, but thats ignorance on their part. Part of staying up on security is learning how to avoid "best buy attacks" by setting up your network correctly to filter out that crap.
This is a figure of speech but if the shoe fits...Quote:
there's no reason to call me a "fool" ...
Here you are advising people to go to a school or library stating that cameras are the only concern...
And here you are discussing a completely different topic which happens to be the content of one of my threads called Disturbing Trend - Hiding in plain sight. I guess you must be the l33t hax0r I'm looking for. Note that you also change your position from the above statement too. http://www.antionline.com/showthread...hreadid=268309Quote:
In my opinion, if anyone would try to do somthing malicious it would be much easier to simply use a computer in a school, library, CompUSA or any other location w/ Innternet access. You'd only have to worry about cameras
So at very least, you are counter productive to this thread and in my book; a fool.Quote:
but attacker will not use "your network" or "my network" simply BECAUSE they are secure. h/she will use a CompUSA e-machine, Best Buy application center and not every library has R. Stallmen sitting in a closet. In a weekend of driving around you can probably find and create 20-30 zombies in different places. then attacker can just DOS your "secure network".
--TH13
Unless you have the wherewithal to single-handedly create your own backbone super-network, I'd say forget the idea of proxies. They are a fad of the past for the sk33d3rs (90's). Dodging forums measures, dodging multiplayer server mods, storing your passwords on proxy supplier severs perhaps?
;)
I'm willing to bet you draw attention to yourself by using them. I'm going to take a wild guess and say that they're able to shoot you rogue packets from your ISP containing something like Cyber Knight>>>Magic Lantern.
Just felt like scaring the sk33di3s today.
Well Soda makes a good point in that TOR is the new way to "hide" on the net. I'd use that long before I would a proxy.
Now, to answer his question...
Yes, a symetrical key is passed along. The reason why the destination will not know where you are lies in this statement from the folks over at TOR:Quote:
So in short, how does the end of the route decrypt the traffic originating from myself, without making any contact with me (the entire point of tor) without passing a key along? If the source would know the destiniation, to say provide it with a public key, then the destination would know who the source is defeating the purpose of the onion route???
The circuit is extended one hop at a time, and each server along the way knows only which server gave it data and which server it is giving data to. No individual server ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.
There ya have it Soda. Make sense?
Do yourself a favor and stop disagreeing w/ me just to disagree. I am pretty much saying the same thing as you. You’ve said that proxies aren’t “really” as anonymous as they are portrayed. I agree w/ you.
I was just trying to illustrate that in case of malicious intent there are other/better ways to “cover your tracks”. Running the malware from a system OTHER THEN YOURS is pretty much the first thing on the list, therefore making proxies obsolete for anyone serious in covering their tracks. These can be accomplished in many ways (intrusion, Trojan), I only illustrated the easiest one. Simply taking over a publicly accessible system. I am not discussing anything that happens on target’s end.
Conclusion: proxy is a skiddie fad, maybe useful in anonymous browsing from workplace, if that.
Point being made: I AGREE W/ YOU
PS: everyone is a tough on Internet, even my little sister. So to sample real life, start by telling you family that they are fools.
That does sound about right, however it means the hops have to be "trusted"(;)) in the network for the encryption to really mean anything... plus it's symmetric so you could read the key between hops anyway. So what's it take to be a node in the tor onion route? Looks like anyone can participate:
http://tor.eff.org/cvs/tor/doc/tor-doc.html#server
Which means that use of this proxy will do it's job covering the source but won't prevent the .gov or a skiddie from adding their server to the network. (I wonder if tor validates the servers before popping them into the network?). The symmetric encryption is more of a courtesy than a means of protection, at least it's how it sounds from your description.
Huh?Quote:
So to sample real life, start by telling you family that they are fools.
Ummmm, perhaps. Are you suggesting that I'm a 90lb 17 year old out to simply piss you off?Quote:
PS: everyone is a tough on Internet, even my little sister.
Is this what you think? Do you read your posts? You disagree with yourself.Quote:
Do yourself a favor and stop disagreeing w/ me just to disagree.
Anyway, when you post something worthwhile and correct, I will respond accordingly.
I just fired up the tor client and gave onion routing a go. I am impressed....
The speed seems very nice, I was mainly looking for proxies when this thred started to conceal my ip in irc. Nothing malicious. onion routing seems to be the way to go, and its pretty quick as well!
As the owner of a computer security company, I have tested so many proxies over the years. The one I use now is the TOR client. In order for TOR to be effective, you must also run the PRIVOXY client, which can be found on TOR's dl site. It is extremely effective at concealing your ISP and IP, but as many have mentioned before, no matter how many hops you set up, no matter how many proxies you daisy chain together, in the end, if someone wants to find you, has the time, the means and the patience, they will eventually be able to extract the originating IP, even if you have subscribed to an Anonymous service. Logs, in the form of paper or 1's and 0's will eventually reveal YOU. You can, however, minimized your exposure by limiting your time online, and physically disconnecting your CAT5 from your NIC when not in use. One small trick is to find out exactly what time your ISP's servers refresh their IP's, then, when they refresh, open up a CMD line, dump your IP, refresh your DNS, and if you time it just right, you can effectively GHOST your IP. This means the server at your ISP will only see the last known IP for your box, and will not refresh it, essentially assigning you the same IP as you had before your refresh and the server's reset, and at that point, you will have a new IP at your physical location, but from the ISP's logs, your old IP will show up, thus GHOSTING your IP.
BTW: I watch from the back, and only make RARE posts when I find something of interest, which is not much. If you want to see my work, you may see my sites:
http://www.centcomcomputers.net/
http://www.3cintelligentsecuritysolutions.com/