12:39 Ways of concealing ipaddresses on the network internet | |
Before we consider in detail the well-known technology of hiding his real IP-addresses, we need to know your IP-address and clarify some things, exposing our computer network, such as DNS-server address. It's enough to go to any service checks anonymity, for example www.whoer.net, the main thing that he possessed an online scan of your computer using Java, ActiveX, Flash and Javascipt. Change your IP-address, for example by Socks or VPN, is not enough, because There are many technologies that enable it to identify who need to either disable your computer, or to deceive. Also, do not be amiss to change the transmitted HTTP headers, it will "bring down" the definition of installed software and the geographical location of your computer. More detail to verify your computer can be an expanded version of www.whoer.net / ext.VPN (Virtual Private Network, Virtual Private Network)External VPN-connection is not much different from connecting to the normal network: the application did not feel the difference and therefore without any options will be used it to access the Internet. When one of them will want to refer to a remote resource, the computer will create a special GRE-package (Generic Routing Encapsulation, encapsulation of the total route), which is in encrypted form will be sent to VPN-server. VPN-server, in turn, this package will decipher, will understand what its essence (a request to download any HTTP-page, easy transfer of data, etc.), and execute on its behalf (ie, shine your IP ), the appropriate action. Next, having received a response from the remote resource, VPN-server puts it in the GRE-package will encrypt and send this form back to the client. Continuous data encryption - this is key in ensuring security. PPTP-traffic can be encrypted by MPPE (Microsoft Point-to-Point Encryption, supports 40 -, 56 - and 128-bit keys). This maykrosoftovsky protocol. Early versions were terribly worn and cracked elementary, the new gross errors corrected, but Microsoft's attempts to do something in the field of cryptography is nothing but laughter did not cause. New versions of the protocols simply do not specifically examine for holes. OpenVPN - The free implementation of the technology VPN, is based on a conventional Internet protocol stack TCP / IP. This ensures that the connection even with those providers that do not support PPTP (most often cellular operators, which cut all GRE-packets passing through GPRS and EDGE). OpenVPN works well even when you do not have a real ip-address, as opposed to PPTP, which requires the simultaneous establishment of two network sessions. I OpenVPN has several advantages over the technology VPN:
Servers for anonymous VPN is usually installed in countries where most are loyal to hacking, spam, etc. (China, Korea and others). In most cases, there is an agreement with the administration, which for a fee, agrees to ignore complaints of abuse-service, and no logs. Based on his experience I can recommend a fully automatic OpenVPN service www.vpnlab.ru c large selection of servers. Proxy, SOCKSProxy Server (from the English. Proxy - «representative or authorized") - service in computer networks, allowing clients to indirect requests to other network services. First, the client connects to the proxy server and requests a resource (eg file) located on another server. Then the proxy server connects to the specified server, gets life for him, and the customer. So, to what servers and what are the protocols we can address through a proxy, depends on the type of the proxy, ie, the protocol by which we refer to it. There are several types of proxy: HTTP-proxy, SOCKS4, SOCKS5 and nekotrye others. HTTP-Proxy most common, easiest to find them online, but they work only with HTTP (and there is https-proxy), in addition, can be inserted into the request headers the client's address, ie not be anonymous. Protocol SOCKS the most remarkable in that it encapsulates the protocols were not applied, and the transport layer, ie, TCP / IP and UDP / IP. Because only on these protocols can work on the web, through a SOCKS can work with any servers, including the same SOCKS and thus to organize the chain of SOCKS-servers. For the same reason all the SOCKS-server anonymous - not at the level of TCP / IP and UDP / IP to provide additional information without breaking the parent protocol. You can also highlight anonymizers - look like a normal search engine, only instead of words / phrases they need to enter the URL of the site that you would like to view. Anonymizer is a script written by, for example, perl, php, cgi-scripts. A couple of useful programs for work with http-proxy and socks: SocksChain - program that allows you to work through a chain of SOCKS or HTTP-proxy (we must remember that any proxy server, and the more free, keeps a log. And the man who has the appropriate privileges, can always figure out where you went and what you do, even if you use a chain of 10 anonymous proxy servers in different parts of the planet). FreeCap - a program for transparency redirect connections through SOCKS-server programs that do not have native support for SOCKS-proxy. TORTor (The Onion Router) - free (BSD) implementation of second-generation onion router (so-called "onion (layered) routing"). System, allowing users to connect anonymously, ensuring the transfer of user data in encrypted form. Regarded as an anonymous network that provides anonymous web-surfing and secure data transmission. With the help of Tor users can remain anonymous when visiting web-sites, publishing, messaging and work with other applications using the protocol TCP. Traffic safety is ensured by use of a distributed network of servers called "multi-layer routers» (onion routers). Members of the Tor network run onion-proxy on your machine, the software connects to servers to Tor, periodically creating a virtual chain through a network of Tor, which uses cryptography, multilevel method (similar to onion - Engl. Onion). Each packet entering the system passes through three different server (node), which are chosen randomly. Before sending the package is encrypted with three keys sequentially: first to the third node, then for the second and, eventually, for the first. When the first node receives the packet, it decrypts the "upper" layer of encryption (similar to how clean the bulb) and finds out where to send the packet next. The second and third server to do the same. At the same time, the software provides the onion-proxy SOCKS-interface. Programs running on the SOCKS-interface can be configured to work through a network of Tor, which multipleksiruya traffic routes it through a virtual chain of Tor, which finally allows to provide anonymous surfing the web. Existed for a special add-Tor for web browsers Opera, Firefox. SSH-tunnelingSSH (Secure Shell) - network protocol that enables remote control of your PC and transfer files. Uses encryption of the transmitted information. SSH-tunneling can be considered as a cheap replacement VPN. The principle of this implementation is as follows: all network software on the computer The forward designated port (your lokalhosta), on which hangs a service connected to the SSH server (as well as we know, the compound of the SSH protocol is encrypted) and tunneling all queries on all your traffic (not encrypted) can be forward with the proxy server (which supports tunnerirovanie) or socks that transfer all traffic to the address. A proxy or socks is not necessary. What are the advantages of this system:
JAPIn one of the German institutions has been developed quite a clever way to maintain anonymity. The system user sets up a special proxy software JAP, which takes all requests the user to connect, the crypt (AES with 128-bit key length) and in safe mode, sends a special intermediate server (so-called mix). The fact that the mix of uses at the same time a huge number of users, and the system is constructed so that each of them was visible to the server. And since all customers are the same, and to calculate exactly one user is not possible. Mixes are usually established on a voluntary basis, mainly in universities, which officially confirm that there are no logs. Besides commonly used chain mixes, usually three mix. P2P proxiesConsider the example network Peek-A-Boot: Peek-A-Booty - a distributed peering network of computers belonging to volunteers from different countries. Network was created to allow users to bypass restrictions imposed by local censors and get access to forbidden in any given state Internet resources. Each node in the network is masked, so the user can send requests and receive information from certain IP-addresses to bypass censorship barriers. A user connects to a dedicated network that is running the Peek-A-Booty. A few randomly selected computer can access the web site, and sends the data to the person who sent the request. All the traffic in the network is encrypted by the adopted e-commerce standard SSL, so it all looks like an innocent transaction. ConclusionOf all the methods we have considered only the TOR and P2P is completely free, with high reliability, but, unfortunately, not easy to posednevnom use and configure. From the perspective of a high level of security and ease of tincture leader OpenVPN, but its prices start at $ 15 a month. Widespread use now receives DoubleVPN technology in which packets pass through two VPN server. This is probably the fastest and most convenient solution to the problem of guaranteed anonymity, but the price ... An interim solution might be the so-called analog VPN - SSH-tunneling, which is sufficient for the presence of a shell-access, which is quite cheap, and the compound itself is configured, for example, through Putty. Unfortunately, the setting is not easy and time-consuming, usability, too lame, so it's still an option for "geeks." | |
|
| |
| Total comments: 0 | |