HIding behind a proxy did not seem to work? - proxy

I often visit various sites and like to do so anonymously from behind a proxy. However, it seems as if some websites are still able to detect my real IP address. I know this because they use the IP address to attempt to geolocate me for services.
How did they actually get my real IP Address if I am using a proxy?
How can I truly hide myself?

Most proxies you'll find online are so-called 'transparant proxies'. This means they identify themselves as proxy and even give your real IP-address to the site.
These proxies are commonly used to load pages on the proxy-server instead of your PC.
IP proxies won't protect you at all, to be honest.
What you need are VPN's (Virtual Private Networks) a.k.a. Network Tunnel.
VPN's allow you to do everything online via an external PC inside that network. You'll get that PC's IP and all loading etc happens on that PC.
Not all VPN's are undetected. If you always want to browse the web anonymously, you'll need to find some HQ VPN's (barely for free) and you'll need to change VPN frequently.
Try searching on HideMyAss, SecurityKISS, ... or maybe even the TOR-network

Related

socks5 proxy: enable for only certain IPs

I have a webpage and a little game server running on my own machine that is located at my work office.
The problem is that some people can't reach the webpage and game server, because of some network issues. The reasons are not the key, just take it (for almost all my community all things works fine, there just some troubles for a specific group).
So,
I have set up the test Droplet on Digital Ocean, with socks5 proxy installed.
https://github.com/hensly/socks5
And it all worked :) Clients that are restricted to connect directly are just using my proxy server to connect to the webpage or game server.
.
So my questions come up:
How can I limit my proxy to work only with certain IPs? Actually, I need only one IP - the IP of my server-pc, and that's it (the reserved (white) IP and domain name attached to it). Is there a way of such limitation on the proxy side? I just don't want them to use proxy for everything (mostly because there is not an unlimited Bandwidth and it could cost some extra).
Thanks <3
p.s. if you know other, more convenient ways to solve my problem, I'd appreciate it if you share your thoughts.

Changing ip Address Mac

how can I change my ip address on a mac, but without proxies? I've used vpns and have gone to the advanced setting proxy list (using hidemyass etc), but I want a legitimately changed IP address. I've heard terminal can be used, but I don't know how to use that.
An IP address is something your ISP provides your router with. It is not something you can choose.
What you can do is use a VPN to send all your traffic to some server, which then works as a relay.
(And if you're just looking to browse the web anonymously, theres always Tor)

FTP Behind Firewall and Dynamic IP Address

I'm currently working on a client project and I get access to files via FTP. Their server is behind a firewall and they're asking me for my IP address, I'm guessing for whitelisting.
Problem is, my IP address is dynamic and it changes quite a lot throughout the day. Is there anyway around this?
Thanks in advance.
The best way to avoid paying for a static IP is to carry on using a dynamic IP address, but use a dynamic DNS provider such as No-IP which you can cause to update every time your IP address changes (routers will often do this for you automatically, or there are Windows / OSX / Linux (such as ddclient) clients). That way, you can just use something like magpie.no-ip.com instead of an IP address and it will always resolve to your public address.
You can find the whole answer here: https://superuser.com/questions/455226/can-you-configure-dynamic-to-be-static-yourself-without-changing-your-isp

Recaptcha IP addresses

Okay, so we implement Recaptcha in production. We get errors because it can't reach the IP address it needs to use the service. We open a port for the IP address to reach Google. No problem. We do that and configure that IP address explicitly to work. It works great. Then, the next day, we start getting errors again because Recaptcha is using a different IP address. I can allow requests from that IP address, too, but now I'm unsettled. Where are these addresses coming from? How do I configure this to work reliably?
Recatpcha from Google can use any Google IP address and there are lots of them.
Ran this from Windows:
_netblocks.google.com text =
nslookup -type=TXT _netblocks.google.com
"v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:173.194.0.0/16 ?all"
That's all the network Google uses currently. These can change so check them often.
Google suggest allowing port 80 to all IPs outbound, this highly insecure. They recommend going through a proxy server but again that is highly insecure if your web server is an DMZ. Proxy aware trojans do exist. All that need to be done is exploit a vulnerability to execute arbitrary code and you can create reverse connection on port 80 through a proxy server to download the payload. Then it is trivial to escalate privileges and own the box. I don't mean just Windows servers but Linux as well. I've done it in lab environment on security was on. It's really easy to do.
This is the Google website I got this from:
http://code.google.com/p/recaptcha/wiki/FirewallsAndRecaptcha
I wanted to append to this answer with more recent information. The documentation that Chris is pointing to does not include all of the TXT records necessary to dig (thanks Google):
_netblocks2.google.com (IPv6 subnets)
_netblocks3.google.com (Additional IPv4 subnets)
In my particular case, the _netblocks3 entry contained 2 large /19's that made my initial rule ineffective
(I found additional references here: https://support.google.com/a/answer/60764?hl=en)
Perhaps you should be using a hostname rather than IP

How to VPN / Proxy connect to internet through friend's PC

A friend has a PC with access to the internet. I also have internet but I want to connect to the internet through my friend's computer, using his computer as a VPN, so that I can access websites blocked by my current ISP.
I know I can use logmein (For example) to control his PC and surf there, but I just need the ability to connect to his PC/network and surf through his internet, just like a VPN does.
my question is: what software / method can help us achieve this?
Note: he has dynamic i.p internet
Bypassing DNS blocks isn't that hard.
You can use Google DNS to reach about every site. You change your Domain Name Settings[*] to those of Google and you'll be able to visit TPB or other blocked sites.
If you want to work with a VPN, it'd be best if your friend sets his IP to static.
This way you can use the built-in VPN client in Microsoft to connect to him. Check out this tutorial on how to make a VPN on his pc and connect with it from yours.
[*] DNS-settings are needed to retreive an IP from your ISP. If you change them to Google DNS, you'll get an IP from Google and your DNS-lookups (when you surf to a site) will go via Google instead of via your ISP. This allowes you to bypass local DNS-blocks and some sites will load a few miliseconds faster.

Resources