Proxy Avoidance - How to or Why - Part 1?

OK another strange title, proxy avoidance -  so I'm keen on privacy, I'm keen on avoiding the nosey b****s who want to spy on me,monitor, sniff or steal my information.  But I'm afraid way too many people equate using a proxy with being anonymous or private in some way, but for the vast majority of people this is the exact opposite of what happens.

A proxy can be used to ensure your privacy sure, if it's set up that way.  The proxies I use at Identity Cloaker don't keep logs, don't monitor the traffic and delete everything. But the vast majority of proxies in existence are there to monitor and control what you do online. If you use a proxy server - all your data is being sent through that proxy, which is why 90% of organisations allow you to use the internet but only through their proxy server.

Let me make it clear at the beginning though, if you're being blocked by a work, school or ISP proxy then you'll need at least one of the following

  1. Luck - badly configured client or proxy, if the security is set up badly, proxy avoidance can be fairly simple.
  2. Technical Skill - the amount you need depends on the environment and how the proxy is set up.
  3. Identity Cloaker - or similar software designed to secure your internet surfing and bypass proxies.  It doesn't guarantee bypassing proxy monitoring completely but does it most environments.  Test with the trial first if you're unsure - Identity Cloaker trial  

Proxy Avoidance at Work

If you use the internet at work, college or school, it is highly likely that you are surfing through a proxy server already.   This server acts as an intermediary for each client - sending and receiving requests of web pages.  Now there are lots of different ways these proxies can be set up - transparent, caching, anonymising are just a few examples.  Initially proxies were simply there for speed, if you have 100 people an hour asking for a particular web site, it's much quicker to cache that web site on your own server than to keep sending out 100 requests per hour for the same thing.

But nowadays they are generally used for much more, they monitor the content that users request, how often they send web requests. The proxy can block, filter or just monitor all the web traffic that passes through it.  You'll probably be aware of using a proxy if you've ever tried changing the proxy settings at work, if a company network is set up properly the following or similar will be implemented
  • Browser proxy and security settings will be locked down.  On windows machines this is usually done by using Windows Group Policies to lock down and customise each machine.    This will stop people changing their settings and doing any proxy avoidance!
  • Firewall Rules will only allow web traffic from the official proxy servers - so if you did choose another proxy server, the firewall would block all traffic unless it came from the IP address of the official proxy server.
  • Content Filtering - in additional to monitoring on a proxy server.  Many companies have implemented additional solutions like websense which monitor all urls and traffic within an organisation.  They will block according to specific rules and algorithms which detect content deemed unsuitable.
There are of course many more options available but typically you'll at least find two or three of the above implemented in any reasonably secure environment.  If you don't want to be monitored or blocked these will be the possible problems you will have to avoid.

Of course there are all sorts of ways of bypassing all these issues, certainly one of the most common ways I see people avoiding the official proxies is actually quite simple.   You see a company will often tie down and restrict Internet Explorer to restrict their browsing, this is quite simple to do with Windows Group Policies which have a set of ready made templates to do this.

However inevitably I'll find in an organisation that half the people have decided to install Firefox or Opera to do their browsing and none of the restrictions are being applied.   Locking down other browsers using Windows GPOs is not that straight forward so you'll usually find nobody ever bothers !  If the computers and firewall aren't locked down properly just installing another browser will allow proxy avoidance.  You should always check with your Internet Use Policy (conditions of using the internet wherever you are) - make sure there's nothing in the conditions that state you mustn't use another browser or connect without the proxy.

There's quite a lot about this subject, and lots of different combinations so I'll continue in my next post on Proxy Avoidance.    I want to explain also how Identity Cloaker can bypass all these restrictions in most circumstances (not all depending on firewall configurations).  I'll also cover the old method of using web based proxies on the net which allow a rather annoying browsing experience by fetching your web page and displaying it in a frame, of course despite them being all over the internet they rarely work either in most environments.