22

If I obscure my IP by going through a free http proxy and visit a page, will that site's admin ever be able to find out my true IP or anything related to my true connection/info?

nealmcb
  • 20,544
  • 6
  • 69
  • 116
  • 7
    You may not realize it but the question, atleast for me is to broad, to be answered. A more correct question would be "Would a proxy server provide sufficient security for activity X?" And that question is also a very subjective question. – artifex Apr 06 '11 at 04:34
  • This web site sometimes finds out my real IP even when I use so called "anonymous" proxy: http://mylocation.org – user26184 May 19 '13 at 18:57

4 Answers4

23

Just because your traffic is passing though a proxy it doesn't mean you are safe. "Transparent" proxies will transmit your IP address using the X-Forwarded-For HTTP header. There are also cookies that can be used to identify you, such as flash's evercookie. You can even be fingerprinted and tracked by the extensions you have installed and what versions you are running using The EFF's panopticlick.

Using Tor in Firefox from an open wireless access point works well. Ironically, the fingerprints gathered by EFF's panopticlick is used to make the Firefox's anonymous mode more difficult to track. This is because Mozilla and the EFF are working together on this project.

rook
  • 46,916
  • 10
  • 92
  • 181
4

besides of what @Rook pointed out, you risk getting you real ip revealed by browser plugin like flash or java.

kuhkatz
  • 149
  • 1
  • 4
4

If you are really worried about someone finding out your IP address, then I would definitely use Tor/Vidalia. It is free and is very secure, used by many government agents in the field to ensure an encrypted connection at all times. You can also put your browser into safe-mode, where javascript, cookies, extensions, history, etc...are all disabled. For security purposes I would also recommend using Linux or some other Unix based system.

Mr_CryptoPrime
  • 161
  • 1
  • 4
    Really? Used by many government agents? Do you have references to back that up? As pointed out by Rook, there is more to this than just hiding the source IP. – David Stubley Apr 07 '11 at 13:51
  • 2
    Straight from home page of Tor (https://www.torproject.org/about/torusers.html.en#military): "Militaries and law enforcement use Tor to protect their communications, investigations, and intelligence gathering online." Plus, I was drawing from personal experience. Furthermore, I do not claim to have a better answer, but am merely augmenting/expounding upon Rook's answer. The question was phrased simply and so I was providing simple ways to protect yourself on the internet. – Mr_CryptoPrime Apr 07 '11 at 14:02
4

This is a huge question with amazingly huge overhead. But at the same time, it can be whittled down to a simple answer: no.

My first questions are about the network design. Are you looking to hide your private network IP address or your public facing IP? Is the proxy part of your infrastructure? Are there other network devices at play (i.e. NAT enabled devices). If you are looking to obscure your private address, that is a much more obtainable goal. Also in that case, the proxy isn't the necessary step (though it may give the same functionality), Network Address Translation (NAT) would be the key. And you still would would need to lock down your firewalls, browser, etc.

The other responses covered the other part of the picture. With how dynamic web sites and web services are today, there are many means other than just your source IP address that a potential attacker or investigator may leverage to find out your information.

Please include the reasoning behind this question. If you are doing this simply for securing your identity, then this is one of many steps you will need to take. If you are thinking about doing something malicious, please reconsider and if nothing else realize that needing to ask such a generalized question should tell you that you would inevitably be found out (no offense).

Ormis
  • 1,940
  • 13
  • 18