Wednesday

Tips for a High Anonymous Proxy?

So what actually is a high anonymous proxy and where can I find one. There are no exact definitions only opinions on what does actually constitute a highly secure proxy but here's some points I'd look out for.

First of all just by adding the word high, highly or super secure to the name of a proxy or list of proxies surprisingly has very little effect on how secure it is.

You can actually look at this from several distinct views for instance lets take one of the very basic rules of running a proxy service (or any other service for that matter) - in what user context is the proxy service running in? Is this something you've asked or checked with your proxy owner?

The very, very worse thing you can do is run this service as root, this user has complete control over the entire server and if any bug, vulnerability or flaw in your service may allow someone to open a huge door to the entire server. As soon as an attacker controls the root account he can do whatever he likes to all the users, logs, accounts and files on that server.

high anonymous proxy illustration

A common alternative is to run in the context of the user 'nobody', this account has no real privileges so someone can't take over the machine directly via the process running in this user context. It does however have read and right access to all public areas and directories, all files and logs running under this user and any other services or files running as 'nobody'.

The most secure option by far is to create a dedicated user ID for the proxy server, this user should not be used for any other purpose and should not run any other service. This protects the machine, the files, the logs and other servers or services running on that machine - even if the account is compromised the rest of the server is secure.

You won't get a High anonymous proxy for free


People don't often think about the security of the actual proxy and the server itself, more focussing on the fact it hides your IP address. But really what is the point in worrying about your anonymity then ......creating a huge log in clear text of all your browsing, passwords, accounts on an insecure server.


Even worse people don't even know who runs the server and yet they trust it with all their browsing details, accounts and IP addresses.

This is just a single example of how a high anonymous proxy should be set up, of course there's many other things to consider including how the proxy deals with web requests, how much of your connection does it log, what information is kept.

In all you'll find the more professional the set up, the more anonymous the proxy will be. The problem with many of the free anonymous proxies is that they have already hacked and so are already extremely insecure and unsafe - yet people will happily point their browsers at them and pretend they are being anonymous !! Utter madness I'm afraid.

0 comments: