Carrot Soup
12-05-2002, 07:37 AM
I have a couple of questions about anonymous surfing that I havent seen asked before:
Youre using an anon proxy, so maybe the site you visit thinks youre comming from Japan, but....
*. What about all the comps that the page youre visiting goes thru b4 it gets back to you - can't they "see" or log what youre looking at? I'm talking about trace route here. I mean, untill your comp gets thru all the servers before it gets to the proxy and then the site, all the comps in between know who your real IP don't they? Can they log where youre going, what url you requested, what your doing when you get there etc? The target site might be fooled, but doesn't the rest of the trace route know "everything"?
2. Then, whos to say the "anon" proxy isn't some set-up designed specificaly to log anon proxy users. Like, the CIA or some spam set-up? --- "Here's another one, chief. This guy is using our anon proxy to visit sadamisagoodguy.com. Lets bust him for terrorism!" Know what I mean?
One other question: I've got all my scripting etc turned off in IE and am curently using a Hungarian anon proxy. Am I safe enough? Here's the results of a check I did. Please tell me, anyone, if you see any "holes".
DOCUMENT_ROOT=/usr/local/apache2/htdocs
GATEWAY_INTERFACE=CGI/*.*
HTTP_ACCEPT=*/*
HTTP_ACCEPT_LANGUAGE=en-ca --OK, I REALY AM IN CANADA
HTTP_CONNECTION=close
HTTP_HOST=thor.prohosting.com ---SITE I GOT THIS CHECK FROM
HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 5.0*; Windows *8) ------ SO WHO CARES IF I USE IE5.0*? IT ALSO USED TO SHOW THE NAME OF MY ISP, BUT I PLUCKED THAT OUT WITH REGEDIT.
PATH=/bin:/usr/bin
QUERY_STRING=
REMOTE_ADDR=**5.70.*2.2*4 ---MY PROXY. NOT MY REAL IP.
REMOTE_PORT=2646
REQUEST_METHOD=GET
REQUEST_URI=/%7Etcpip/cgi-bin/env.cgi
SCRIPT_FILENAME=/usr/home/web/t/tcpip/cgi-bin/env.cgi
SCRIPT_NAME=/~tcpip/cgi-bin/env.cgi
SCRIPT_URI=http://thor.prohosting.com/~tcpip/cgi-bin/env.cgi
SCRIPT_URL=/~tcpip/cgi-bin/env.cgi
SERVER_ADDR=65.***.***.*44 ---SITE I GOT THIS CHECK FROM.
SERVER_ADMIN=web******@prohosting.com
SERVER_NAME=thor.prohosting.com
SERVER_PORT=80
SERVER_PROTOCOL=HTTP/*.*
SERVER_SOFTWARE=Apache/2.0.4* (Unix)
Any feedback would be great - thanks.
Youre using an anon proxy, so maybe the site you visit thinks youre comming from Japan, but....
*. What about all the comps that the page youre visiting goes thru b4 it gets back to you - can't they "see" or log what youre looking at? I'm talking about trace route here. I mean, untill your comp gets thru all the servers before it gets to the proxy and then the site, all the comps in between know who your real IP don't they? Can they log where youre going, what url you requested, what your doing when you get there etc? The target site might be fooled, but doesn't the rest of the trace route know "everything"?
2. Then, whos to say the "anon" proxy isn't some set-up designed specificaly to log anon proxy users. Like, the CIA or some spam set-up? --- "Here's another one, chief. This guy is using our anon proxy to visit sadamisagoodguy.com. Lets bust him for terrorism!" Know what I mean?
One other question: I've got all my scripting etc turned off in IE and am curently using a Hungarian anon proxy. Am I safe enough? Here's the results of a check I did. Please tell me, anyone, if you see any "holes".
DOCUMENT_ROOT=/usr/local/apache2/htdocs
GATEWAY_INTERFACE=CGI/*.*
HTTP_ACCEPT=*/*
HTTP_ACCEPT_LANGUAGE=en-ca --OK, I REALY AM IN CANADA
HTTP_CONNECTION=close
HTTP_HOST=thor.prohosting.com ---SITE I GOT THIS CHECK FROM
HTTP_USER_AGENT=Mozilla/4.0 (compatible; MSIE 5.0*; Windows *8) ------ SO WHO CARES IF I USE IE5.0*? IT ALSO USED TO SHOW THE NAME OF MY ISP, BUT I PLUCKED THAT OUT WITH REGEDIT.
PATH=/bin:/usr/bin
QUERY_STRING=
REMOTE_ADDR=**5.70.*2.2*4 ---MY PROXY. NOT MY REAL IP.
REMOTE_PORT=2646
REQUEST_METHOD=GET
REQUEST_URI=/%7Etcpip/cgi-bin/env.cgi
SCRIPT_FILENAME=/usr/home/web/t/tcpip/cgi-bin/env.cgi
SCRIPT_NAME=/~tcpip/cgi-bin/env.cgi
SCRIPT_URI=http://thor.prohosting.com/~tcpip/cgi-bin/env.cgi
SCRIPT_URL=/~tcpip/cgi-bin/env.cgi
SERVER_ADDR=65.***.***.*44 ---SITE I GOT THIS CHECK FROM.
SERVER_ADMIN=web******@prohosting.com
SERVER_NAME=thor.prohosting.com
SERVER_PORT=80
SERVER_PROTOCOL=HTTP/*.*
SERVER_SOFTWARE=Apache/2.0.4* (Unix)
Any feedback would be great - thanks.