Post Reply 
Stay anonymous with Java and Javascript active
Feb. 15, 2006, 09:57 PM
Post: #1
Stay anonymous with Java and Javascript active
Topic moved by Admin


Proxy to stay anonymous with Java/Javascript/plug-ins/flash...


1-method

Install Firewall on your machine and restrict all the connections to the Internet (except for the anonymous proxy server) from a browser. It's also recommended to use port mapping for this free anonymous proxy server and define the browser's proxy as 127.0.0.1 with the local port from port mapping.

2-method

Use socksification in your browser. This will enable relaying all the information your browser or any other software sends and transfers to the proxy server.

3?- THE Best Method

You need to set up LAN, local IP addresses (192.168.1.x or alike). A corporate proxy server should forwards ALL requests to a free anonymous proxy server (you need to have skills and rights of a system administrator in order to do that). It's impossible to connect to the Internet bypassing a corporate proxy, as long as external IP address is not assigned to local machines. It's also impossible to scan local machine's settings: even if Java/ActiveX applets detects and gives out your local IP address (192.168.1.x) to the web server, your anonymity will remain unbroken. So, basically, you can rate this option as 100% anonymity.
Add Thank You Quote this message in a reply
Feb. 16, 2006, 11:01 PM
Post: #2
 
division1;

Hi, and Welcome to the UOPF! Cheers

Your method number 3 is fair, but one does not need to hard-code in an address in the non-routable range. A hub/router/switch that has DHCP will automatically dole out addresses from one of the 3 non-routable ranges. Thus, any IP stealing scripts will still see only a number in the 10.x.x.x, the 127.0.x.x, or the 192.168.x.x ranges. I doubt that even if a router could be hacked from outside, that it could be made to assign DHCP addresses outside of those 3 ranges.

However, there is still a fly in the ointment, and it's the same one that bugs all privacy seekers, corporate or individual. That so-called 'free anonymous proxy server' that exists somwhere in the Internet cloud is not reliable - it could disappear at any moment, for any number of reasons, good or bad. As a corporate client, there might well be enough moolah in the bank to afford a paid anonymizing proxy server, but many individuals don't have that kind of juice. Such is life in the fast lane. Tooth Left

TOR is of some use, but there is performance trade-off for most users. The compromise comes and goes, which makes life interesting to say the least, but many of us do use it successfully. But for the best 'adventure' of all, I'd offer up the use of the famous JakxPack Header-Spoofing Filter Set. With that, you're as close to golden as it gets. Take a look at it here. Peruse a discussion on why these filters are so sneakily cool, and also pickup the minor bug fixes, here

If you've got questions, just fire away! Big Teeth


Oddysey

I'm no longer in the rat race - the rats won't have me!
Add Thank You Quote this message in a reply
Feb. 28, 2006, 04:26 AM
Post: #3
 
Well I gave the JakxPack a try and I think I installed it correctly. I couldn't figure out where the minor bug fixes download was in the thread that you linked to. The question now is: what exactly have I done?

The thing appears to fool http://www.geobytes.com/IpLocator.htm , but not http://www.geobutton.com/IpLocator.htm ! These two pages appear to be the same thing, but I'm sure they're not.

I have tried Tor/Privoxy combination before and I thought it was fairly fast at some points and painfully slow at some other points.
Quote this message in a reply
Feb. 28, 2006, 04:28 AM
Post: #4
 
Oops, I thought I was logged in for that last post.
Add Thank You Quote this message in a reply
Feb. 28, 2006, 08:12 PM
Post: #5
 
Eric,
Quote:Oops, I thought I was logged in for that last post.
'S OK, others make the same error - no harm, no foul! Crazy

And BTW Welcome to the UOPF! Cheers

Regarding the actual spoofing..... What the filters do is not so much as provide false information, they simply provide confusing information. What the JakxPak does is assign fake (or even real) IP addresses to common value names, and send them out as part of the request header. In turn, a server will pick up these bits of data, and either record them blindly, or make a guess at what's supposed to be there, and record that instead. 9 times out of 10, the guess will be wrong.

As pointed out by hpguru, there is no such thing as falsifying your IP from within your own computer. For that, you need a proxy server, such as those found by the TOR. But if confusing the enemy is what trips your trigger, the the JakxPak was made for you! Popcorn

As for the minor fixes, they occured along the way throughout the many pages of the thread. I don't think Jak has actually uploaded a 'fixed' version, so let's ask him about that, eh? Shock

Hey, JAK! Hey, Our Good Friend, have you perchance made a new and improved JakxPak that includes all the little "gotchas" from the thread??? ErikS4, and I'm sure others too, all want to know.

Thanks, Good Buddy! You be Cool!


Oddysey

I'm no longer in the rat race - the rats won't have me!
Add Thank You Quote this message in a reply
Mar. 03, 2006, 01:15 PM
Post: #6
 
"GREETINGS ONE & ALL",
Welcome "Guyz", Great to see you or rather "Not See You"! Big Teeth <---Little Anonymity joke there.
I'm glad to see that people still enjoy using the filter-pack. Sometimes I still smile when I pop up the "log window" and watch the show. Smile!
But I will try to upload a completed "fixed" version as soon as I can.

Most server's default log only log the host ip, but the "nosey sites" try to log everything. Those sites will log all the "Fake" headers which include the fake forwarded-for header filter that sends the fake ip numbers. That's why that some "Proxy checker" sites will show your actual ip and some show the Fake IP. The idea of Complete Anonymity is sadly but surely a Myth, trust Me, . .I know. So One must becareful Not to become overly confident with any type of anonymity system. A Keen-eyed Admin. that worth his/her "salt" given enough time can track You down easier than one might think. Believe Me there's some "Slick Dudes" out there! HAHAHAHA!

I have both Java & JavaScript enabled in my browser, but I use some special Proxo Java Filters to control what & which pages that I allow Java & JavaScript to run on. I also use an "IP Retrieval Applet Killer " filter that stops the "Applets" on the pages that I allow java & javascript to run on just in case.

I have been working on a new version of "JakxPack" but time has been the limiting factor. I've been doing alot thinking on how I can improve it. Any ideas that You can throw my way would be "Greatly Apprecatied". Smile!

As always "All of Us together is a whole lot better than any One of Us alone."
Later,
"JAK"

PS: "ODD" I thank You so much for Your Vote of confidence "My Good Friend". Cool
Add Thank You Quote this message in a reply
Mar. 06, 2006, 10:41 PM
Post: #7
 
Jak,

Ah, nothing like being called "Odd" to be remined of who one's friends are. Hope all's going well for you, young feller!
Rocker <-- should be smiling instead of frowning


Oddysey

I'm no longer in the rat race - the rats won't have me!
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: