Highly Anonymous Proxies

Does anyone know a good website to find Highly Anonymous Proxies? I'm having trouble finding working ones

 

Any of these useful?

 

There is nothing that is truly anonymous.

 

/discussion

what are you trying to hide here dude?

 

Hotspot shield will run inside gpass from there you can connect to a different proxy. Do this in a public place on a laptop.

 

buy a shell acount somewhere and tunnel all your traffic through it if you really want to do it right.

 

The Guardian mentioned a network called "TOR" in connection with bypassing the great firewall of China during the olympics - do some googling.

 

Again, tor is not anonymous. It is the worst for security! Read up on how it actually works. Sure you can get around some filtering system perhaps at a business or school but anything other than that you are setting yourself up for trouble.

 

nothing like a packet sniffer and being a node for tor!
not that I have done this or anything

 

Ok...
Ah well, your call.

 

quick little explanation on how tor or any other type of proxy of that nature is very unsecure.
http://www.youtube.com/watch?v=dbxG1sT3MSI

its real easy actually. all your doing is tricking your router into thinking you are the gateway through(ARP poisoning) and then your computer forwards it onto the real gateway. but before it does that it sniffs all the data going through your network(a node in tor for example). and then cain and abel displays it in a nice graphical way so that even a little kid could grab it.

trust me. its not pretty.

 

ok...
Ah well, I don't need this services - one exception, I want to get to the maths website at university from the university's wireless network - someone messed up on the ip adress front...

Ethernet on the university computers works, Wireless doesn't...

But that wouldn't be sensitive at all, not even login information

 

you sure its not that way for a reason? most wireless and wired networks on a campus have some differences for security reasons. its a lot easier to lock down a wired network then a wireless one. anyone can pop open a laptop and try to penetrate a wireless network and blend right in. a wired network you can do the same..just looks a little more suspicious lol!

switchport security on cisco switches...best feature ever!

 

The moment I'm outside, i.e. at home I can access the maths website without problems.

here you go:
http://maths.sci.shu.ac.uk


And when I mentioned this to the lectuer who is possibly the most computer literate, he wa a bit surprised.
(the non-access from the wireless - he said servers are assgigned IP adresses inside the network compared to from toutside the network, and maths had moved...)

 

; <<>> DiG 9.3.4-P1.1 <<>> maths.sci.shu.ac.uk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56750
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; QUESTION SECTION:
;maths.sci.shu.ac.uk. IN A

;; ANSWER SECTION:
maths.sci.shu.ac.uk. 3555 IN A 143.52.5.51

;; AUTHORITY SECTION:
shu.ac.uk. 3555 IN NS sunrae.uel.ac.uk.
shu.ac.uk. 3555 IN NS redwood.shu.ac.uk.
shu.ac.uk. 3555 IN NS ash.shu.ac.uk.
shu.ac.uk. 3555 IN NS pine.shu.ac.uk.

;; ADDITIONAL SECTION:
redwood.shu.ac.uk. 3555 IN A 143.52.28.10


IP for the website/server you posted in.

so what your saying is this website was only accessible from inside a certain network and now it is accessible practically anywhere.
yea that could be a little bit of a security concern. talk to your IT department about it. could be as simple as a firewall rule or access control list.

 

also, edit your post and remove those two links if you could, I see some info in there that could cause some concern.
like a improperly configured .htaccess file for apache. (not named correctly)

just as I figured,
#AllowOverride none
AuthType Basic
AuthName "Student Websites"
AuthUserFile e:\web\users
AuthGroupFile e:\web\groups
#allow from 143.52.70.*
require user Student
satisfy any

they were going to try and lock it out so only IP's coming from that IP range could access the directory. not the best way of security as anyone can really duplicate an IP if they want in. they need something hardware in place.

 

Its been accessible from outside from the start.
Its been accessible via the University ethernet from the start.

Only not via the university wireless

 

that does not sound too bad. just something not configured correctly I would guess. my other post is a bit alarming though

 

theoretically we log into maths.sci bla bla bla for our digital logbook (yukk) via php, also add to it from home.

The students part is students webpages, supposed to be a protfolio that could be shown to potential employers should we wish to do so.

Anything they messed up, I somehow can't be bothered...

 

Possibly because someone messed up...

 

yes someone messed that part up quite bad really.

apache checks files to be sent to a user. and if there is a . in front of the file name it is not viewable from the outside(you or I) the common use of these files is to lock out certain users/groups/IP ranges from a resource(ie; students) well the way this file was named it did not start with a . so it was viewable by anyone. granted the file is not a huge security concern. I now know where the passwords file is stored and the server type is windows because of the use of drive letters.

 

If you want to could try contacting the person in charge of the maths server In that case you want Jeff
just google, -> http://www.shu.ac.uk/mathematics/staff.html

or use the e-mail adress at the bottom
http://maths.sci.shu.ac.uk/

Also, you know what you are talking about - I'm not a great networking expert.

 

Yah, someone most definitely messed up on that .htaccess file, mainly by renaming it xx.htaccess - must have been someone with only .Windows experience and no sense of how a *nix file system works, who could get his/her mind around starting a file name with a "."

@DetlevCM: You really should remove that second link to the the students section, because the presence of the malformed htaccess file suggests that it was intended to be private, but that the privacy was compromised by someone goofing up with naming the .htaccess file (which, strictly speaking, is a poor way to control access to a particular part of the file system; it's much better coding to put the appropriate limits in the main Apache configuration file).

 

??? Menaing?
You lost me there.

I can remove the students link - (did so) - but I'm pretty sure it was meant to be accessible from the outside - as we were told the website was supposed to be a portfolio of what we've done - which we could show to companies.

 

just for security reasons. most sites like that(portfolio's etc etc) are meant to be distributed to people you know. not really broadcast on a forum. I dont think its a huge problem. but just to be safe.

 

For regular HTTP, yes, because it's plain text. But not if you go to sites that use HTTPS. This is why it's very important to make sure the sites are secured if you need to login through public proxy service such as TOR.

 

I suppose it depends on the student really - see my sig

 

True enough, but that does imply that the student(s) in question get to retain a certain amount of control over who sees their work, and who does not; however, with the way that server is currently configured, they have no control because anyone with the url, or a little idle curiosity, will be able to see what the students have done, whether any student feels that it's ready for prime time or not.

I would take from that statement the understanding that a student may provide their work to people of their choosing, probably by moving the finished product to a different webserver if the server in question was supposed to be configured to only allow access from internal IP addresses (as suggested by that misnamed .htaccess file). Unfortunately, with the malformed .htaccess file, that element of control is missing.

 

Well, they won't provide a different server - that is for sure.

There is the ability to password protect files via the maths website (you don't need to write their own access file)

Maybe it was different before and Jeff changed it, I don't know.

The open to the outside part is definite - in fact, I couldn't find the site the first time I tried, spoke to Jeff, he told me the adress (I had the wrong adress) - no mentioning of anything like outside bloking or similar.