Phantasm66
Here's not a bad read from the Reg.....
Do-it-yourself Internet anonymity
By Thomas C Greene in Washington
Along with the recent government hysteria over terrorists, we've seen legislative measures and 'emergency powers' inviting law-enforcement agencies worldwide to conduct Internet surveillance on an unprecedented scale. But because the state-of-the-art of electronic dragnets makes it difficult if not impossible to exclude the comings and goings of innocent citizens, we thought this a good time to run down the basic techniques for ordinary, law-abiding folk to come and go anonymously on the Net, and keep their private business private.
How do you make a truly anonymous post to a newsgroup or a BBS? How do you keep the Web sites you visit a secret? How do you send e-mail and ensure that its contents can't be read by someone who intercepts it? How do you chat anonymously?
We'll invoke our foil, Windows addict Harry Homeowner, and lay it out in terms the average user can profit from, though with hopes that even you power users might learn a thing or two in the process.
Proxies
These are your first line of defense, so let's start with them. Proxies provide a useful layer of mediation between your machine and the Internet. There are several types, but Web proxies and Socks proxies are the two most relevant to our purposes.
Grossly oversimplified, a proxy is a remote machine which you connect through to the Net, which forwards your IP traffic, and which you then appear to be originating from. When you contact a Web site via an anonymous proxy, it's the proxy's IP which shows in their logs.
You can use either Web or Socks proxies with your browser, and Socks proxies with other Net clients to obscure your IP from prying eyes. But you do have to choose them with care.
Socks proxies are the best, general-purpose proxies. This is so because Socks are non-caching, which means, for example, that there won't be a record of the Web pages you fetched while connecting through one, except on your own machine -- and this you can fix rather easily (more on that in 'Browser Settings'). It also means they're slow, but if you want anonymity, you shouldn't quibble.
But older versions of Internet Explorer and Netscape don't support Socks. What to do? You can upgrade, but I prefer an older browser with fewer 'features', which I equate with fewer security leaks (though these should be patched regularly, of course). Rather than upgrade, you can download an application called SocksCap, and use it to 'socksify' any IP client you use. It will work with browsers, e-mail clients, telnet, SSH, chat clients, even your l4me e-mail bomber. Test it; socksify your e-mail client and send a message from one of your accounts to another. Check the header. Is the originating IP your proxy? If so, your e-mail now appears to originate from the proxy's IP. This can be extremely useful, as we'll see below.
Useful but not foolproof. Of course the proxy machine's admin can easily learn that you connected to it after perusing his logs, so a proxy doesn't actually conceal you; it just adds a layer between you and whatever you're contacting on the Net. This layer can be thick or thin, depending on where the proxy machine is physically located. If your proxy is located in a country unlikely to cooperate with requests for their logs from foreign officials, or a country where your mother tongue is rarely spoken, it can be, in practical terms if not theoretical terms, quite an effective layer of protection.
It's easy to determine a proxy's country of origin with the $20.00 Patrick Project DNS utility, which will resolve IPs to addresses and vice versa, and a good deal more to boot. You cheapskates out there can go to SamSpade.org and do it all for free.
Now you know how to determine your proxy's location. The more exotic the better: Korea is better than Japan; Thailand is better than Korea; Indonesia is better than Thailand; Papua New Guinea is pure gold. Kenya is better than Morocco; Ghana is better than Kenya; Guinea is better than Ghana; Burkina Faso is pure gold. You get the picture.
Now you need to test the proxy for anonymity. Some of them can leak appalling amounts of information, like your true IP, for example. There are several environmental variables checkers on line which will tell you just what information your proxy is leaking to the world, and a nice links page to a heap of them is located at Proxys4all.com.
And what do env checkers tell you? The chief variables you need to know about are:
REMOTE_ADDR: Your apparent IP, which should be the proxy. If not, use another proxy.
REMOTE_HOST: Your apparent address, which should resolve to the proxy IP, or better yet not be resolvable at all. If it resolves to you, use another proxy.
HTTP_X_FORWARDED_FOR: Sometimes your true IP is revealed -- get another proxy.
HTTP_USER_AGENT: Your browser type -- unimportant.
FORWARDED: Reveals the fact that you're using a proxy; not fatal, but better if blank.
VIA: Reveals the fact that you're using a proxy; not fatal, but better if blank.
CLIENT_IP: Sometimes your IP is revealed -- use another proxy.
HTTP_FROM: Sometimes your IP is revealed -- use another proxy.
You can use a free application called ProxyHunter to scan ranges of IPs and find your own proxies. These you can evaluate, determining location and anonymity according to the guidelines above.
A scan such as this is non-invasive and non-destructive, but it's still possible one may get a nastygram from one's ISP for performing them.
Socks proxies are located on port 1080, so you'll want to use that in most searches with ProxyHunter. HTTP proxies on ports 80, 3128 and 8080 are useful, and can be loaded directly into your browser, but they're not quite as secure.
You can load a good Socks in your chat clients like IRC and ICQ; and with SocksCap you can run your telnet and e-mail clients and browser through one as well.
For even more anonymous surfing, you can give yourself an added measure of security by connecting to a Web proxy like Anonymizer through a Socks (or even a decent HTTP proxy). Feel free to e-mail me if you can't figure all this stuff out -- but please, I beg you, give it a fair go on your own first. I'm a humble news reporter, not a help desk.
When you find a Socks proxy with ProxyHunter, or by perusing the many public Web sites where they're listed, and you get satisfactory results from the env check, and your proxy is located on some God-forsaken corner of the Earth, then you've acquired a decent layer of protection. Congratulations. But that's far from the whole shebang.
Anonymous dialups
Whenever you dial in to an Internet connection, your ISP can determine your phone number with caller ID. This information is recorded, and can be turned over to nosy Feds on request with an administrative subpoena, which doesn't require a judge's approval.
If you've got a regular ISP account billed to a credit card, your ISP knows perfectly well who and where you are, so concealing your phone number from them is hardly an obstacle to associating you with your Net activity. In much of Europe, the telco is the ISP, so the possibility of making anonymous dial-ups is remote. In that case, all I can suggest is trying to find a data-capable pay-as-you-go mobile phone, and of course paying cash for it. If you're asked your name, lie. If you're asked for ID, leave.
However, there are free ISPs like NetZero on which you can register with totally fictitious personal information, and to which you can connect with caller ID disabled. This isn't a solution in itself, but combined with the judicious use of good proxies, it can add a second layer of anonymity to your comings and goings. It can make you a bit more difficult to identify.
These ISPs don't allow you much free surfing time -- usually something like ten hours a month; and they feed adverts to you and they're slow (made slower still by proxy use); but they can be a superb means of connecting when you need to be even more anonymous than usual, such as when you make a controversial post to a newsgroup or BBS, or send a sensitive e-mail.
Get your ducks in a row: first, go to an Internet cafe or a library. If they require identification, go elsewhere. When you find a public place where you can surf anonymously, set up an account with NetZero using fictitious personal information. Even better, go through a Web proxy while you're at it.
Record your login, password, and a dialup number convenient for your home location. Now go home, and disable caller ID (contact your phone company for instructions), and dial in to your new fictitious account. And always dial in with caller ID disabled.
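The env-checker rules listed in the Proxies section above, written out as an added example (not part of the original post or the article). The addresses and sample results are constructed, and accepting both the bare and the HTTP_-prefixed form of a variable name is an assumption.

```python
import re

LEAK_VARS = ("HTTP_X_FORWARDED_FOR", "CLIENT_IP", "HTTP_FROM")
PROXY_TELLS = ("FORWARDED", "VIA")

def _header(env, name):
    # Assumption: checkers may show a header under the article's bare name
    # (VIA) or its CGI form (HTTP_VIA); accept either.
    return (env.get(name) or env.get("HTTP_" + name) or "").strip()

def assess(env, true_ip, true_host, proxy_ip):
    """Grade one env-checker result; returns (verdict, findings)."""
    findings = []
    if env.get("REMOTE_ADDR", "").strip() != proxy_ip:
        findings.append(("fail", "REMOTE_ADDR is not the proxy"))
    host = env.get("REMOTE_HOST", "").strip().lower()
    if host and host in (true_ip, true_host.lower()):
        findings.append(("fail", "REMOTE_HOST resolves to you"))
    for name in LEAK_VARS:
        # Compare whole tokens so 203.0.113.7 does not match 203.0.113.70.
        if true_ip in re.split(r"[,\s]+", _header(env, name)):
            findings.append(("fail", name + " reveals your true IP"))
    for name in PROXY_TELLS:
        if _header(env, name):
            findings.append(("warn", name + " shows a proxy is in use"))
    levels = {level for level, _ in findings}
    if "fail" in levels:
        return "use another proxy", findings
    if "warn" in levels:
        return "usable, but visibly a proxy", findings
    return "anonymous", findings

# Constructed sample results (documentation-range addresses).
TRUE_IP, TRUE_HOST, PROXY_IP = "203.0.113.7", "dialup7.isp.example", "198.51.100.20"
LEAKY = {"REMOTE_ADDR": PROXY_IP, "HTTP_X_FORWARDED_FOR": "203.0.113.7",
         "HTTP_VIA": "1.0 cache.example"}
TELLTALE = {"REMOTE_ADDR": PROXY_IP, "HTTP_X_FORWARDED_FOR": "unknown",
            "VIA": "1.1 proxy.example"}
CLEAN = {"REMOTE_ADDR": PROXY_IP, "REMOTE_HOST": "",
         "HTTP_USER_AGENT": "Mozilla/4.0"}

if __name__ == "__main__":
    for label, env in (("leaky", LEAKY), ("telltale", TELLTALE), ("clean", CLEAN)):
        print(label, "->", assess(env, TRUE_IP, TRUE_HOST, PROXY_IP))
```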