
Ways to hide the IP address on the Internet

Before we take a closer look at the well-known technologies for hiding your real IP address, we need to find out our own IP address and the other details that give our computer away on the network, such as the DNS server address. To do this, go to any anonymity-checking service, for example www.whoer.net; the main thing is that it performs an interactive check of your computer using Java, ActiveX, Flash and JavaScript. Changing your IP address, for example using SOCKS or a VPN, is not enough, because there are many technologies that can reveal it, and these must either be turned off on your computer or deceived. It is also worth changing the transmitted HTTP headers: this will "throw off" detection of the installed software and of the computer's geographical location. You can check your computer in more detail with the extended version at www.whoer.net/ext.


VPN (Virtual Private Network)


Externally, a VPN connection is not much different from a connection to an ordinary local network: applications do not notice the difference at all and will therefore use it to access the Internet without any configuration. When one of them wants to access a remote resource, a special GRE (Generic Routing Encapsulation) packet is created on the computer and sent to the VPN server in encrypted form. The VPN server, in turn, decrypts this packet, works out what it contains (a request to download an HTTP page, a plain data transfer, etc.) and performs the appropriate action on its own behalf (that is, exposing its own IP address). Then, having received the response from the remote resource, the VPN server puts it in a GRE packet, encrypts it and sends it back to the client in this form.

Continuous encryption of the transmitted data is the key to security. PPTP traffic can be encrypted using MPPE (Microsoft Point-to-Point Encryption, which supports 40-, 56- and 128-bit keys). This is a Microsoft protocol. Earlier versions were monstrously leaky and trivially cracked; the errors were fixed in the newer ones, but Microsoft's attempts to do something in the field of cryptography cause nothing but laughter. Nobody specifically analyzes the new versions of their protocols for holes.

OpenVPN is a free implementation of VPN technology built on the TCP/IP protocol stack generally accepted on the Internet. This ensures that the connection will work even with providers that do not support PPTP (most often these are cellular operators that cut all GRE packets passing through GPRS and EDGE). OpenVPN also works when you do not have a real IP address, unlike PPTP, which requires two network sessions to be established simultaneously.

OpenVPN has a number of advantages over VPN technology:
  1. Adaptive data compression on the connection, using the LZO compression algorithm. Data transfer through OpenVPN is faster than through PPTP;
  2. Supports flexible client authentication methods based on certificates;
  3. Uses a single TCP/UDP port without being bound to a specific port (in our case, UDP);
  4. 2048-bit encryption provides unprecedented security, implemented through a permanent key.


Servers for anonymous VPNs are usually installed in countries that are most tolerant of hacking, spam, etc. (China, Korea and others). In most cases there is an agreement with the administration, which for a certain fee undertakes to ignore complaints sent to the abuse service and not to keep logs. Based on my experience, I can recommend the fully automatic OpenVPN service www.vpnlab.ru, which has a large selection of servers.

Proxy, SOCKS


A proxy server (from the English proxy - “representative, authorized”) is a service in computer networks that allows clients to perform indirect requests to other network services.

First, the client connects to the proxy server and requests a resource (for example, a file) located on another server. Then the proxy server connects to the specified server, receives the resource from it and sends it to the client.

Which servers and protocols we can access through a proxy depends on the type of this proxy, that is, the protocol by which we access it. There are several types of proxies: HTTP proxies, SOCKS4, SOCKS5, and some others.

HTTP proxies are the most common and the easiest to find on the Internet, but they only work with HTTP (there are also HTTPS proxies), and they can insert the client's address into the request headers, that is, they are not anonymous.
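A server-side check for the header leak just described, as an added example that is not part of the original article: it reads a raw request head and reports whether a proxy has disclosed the client address or only its own presence. The header names are real; the three class labels and the sample requests are constructed for this example.

```python
CLIENT_ADDR_HEADERS = ("x-forwarded-for", "forwarded", "x-real-ip", "client-ip")
PROXY_MARKER_HEADERS = ("via", "proxy-connection")


def parse_headers(raw_request: str) -> dict:
    """Return {lowercased header name: value} from a raw HTTP request head."""
    headers = {}
    for line in raw_request.split("\r\n")[1:]:  # skip the request line
        if not line:                            # a blank line ends the head
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def classify(raw_request: str) -> tuple:
    """Say what the request reveals about a proxy in the path (labels are ours)."""
    headers = parse_headers(raw_request)
    leaked = {n: headers[n] for n in CLIENT_ADDR_HEADERS if n in headers}
    if leaked:
        return "reveals-client-address", leaked
    markers = {n: headers[n] for n in PROXY_MARKER_HEADERS if n in headers}
    if markers:
        return "reveals-proxy-only", markers
    return "no-proxy-headers", {}


# Constructed sample requests; addresses come from the documentation ranges.
VIA_AND_XFF = ("GET / HTTP/1.1\r\nHost: example.org\r\n"
               "Via: 1.1 proxy.example\r\nX-Forwarded-For: 203.0.113.7\r\n\r\n")
VIA_ONLY = "GET / HTTP/1.1\r\nHost: example.org\r\nVia: 1.1 proxy.example\r\n\r\n"
PLAIN = "GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"

if __name__ == "__main__":
    for sample in (VIA_AND_XFF, VIA_ONLY, PLAIN):
        print(classify(sample))
```
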

The SOCKS protocol is most noteworthy in that it encapsulates the transport layer rather than the application layer, i.e. TCP/IP and UDP/IP. Since only these protocols can work on the Web, through SOCKS you can work with any servers, including other SOCKS servers, and thus organize chains of SOCKS servers. For the same reason, all SOCKS servers are anonymous: at the TCP/IP and UDP/IP level it is impossible to transmit additional information without disrupting the operation of the higher-level protocol.
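To make the "no room for additional information" point concrete, here is an added example (not from the original article) that builds and strictly parses a SOCKS5 request as laid out in RFC 1928: version, command, reserved byte, address type, destination address, destination port. The function names are this example's own, and it covers SOCKS5 only.

```python
import ipaddress
import struct

CONNECT = 1  # CMD value for CONNECT in RFC 1928


def build_connect(host: str, port: int) -> bytes:
    """Build a SOCKS5 CONNECT request for a domain-name destination (ATYP 3)."""
    name = host.encode("ascii")
    return bytes([5, CONNECT, 0, 3, len(name)]) + name + struct.pack("!H", port)


def parse_request(data: bytes) -> dict:
    """Parse VER CMD RSV ATYP DST.ADDR DST.PORT and reject anything extra."""
    if len(data) < 5:
        raise ValueError("truncated request")
    ver, cmd, rsv, atyp = data[:4]
    if ver != 5 or rsv != 0:
        raise ValueError("not a SOCKS5 request")
    if atyp == 1:      # IPv4: 4 address bytes
        start, size = 4, 4
    elif atyp == 4:    # IPv6: 16 address bytes
        start, size = 4, 16
    elif atyp == 3:    # domain name: 1 length byte, then the name
        start, size = 5, data[4]
    else:
        raise ValueError("unknown address type")
    if len(data) != start + size + 2:
        raise ValueError("unexpected length: the format has no spare fields")
    raw = data[start:start + size]
    host = raw.decode("ascii") if atyp == 3 else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", data[start + size:])
    return {"cmd": cmd, "host": host, "port": port}


if __name__ == "__main__":
    request = build_connect("example.org", 443)  # constructed destination
    print(request.hex(), parse_request(request))
```

Every byte of the request is accounted for by the destination address and port; the only client address the next server sees is the one on the TCP connection itself.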

Anonymizers can be singled out as a separate category: they look like a regular search engine, but instead of words or phrases you enter the URL of the site you would like to see. Anonymizers are scripts written, for example, in Perl or PHP, or CGI scripts.

A couple of useful programs for working with HTTP proxies and SOCKS:

SocksChain is a program that allows you to work through a chain of SOCKS or HTTP proxies. (Remember that any proxy server, especially a free one, keeps a log, and a person who has the appropriate rights will always be able to figure out where you went and what you did, even if you use chains of 10 anonymous proxy servers in different parts of the planet.)

FreeCap is a program that transparently redirects the connections of programs lacking native SOCKS proxy support through a SOCKS server.

TOR


Tor (The Onion Router) is a free (BSD) implementation of the second-generation onion router (so-called "onion (multilayer) routing"). It is a system that allows users to connect anonymously and transmits user data in encrypted form. It is regarded as an anonymous network that provides anonymous web surfing and secure data transfer. With Tor, users can maintain anonymity when they visit websites, post materials, send messages, and work with other applications that use the TCP protocol. Traffic security is ensured through the use of a distributed network of servers called "multilayered routers" (onion routers).

Users of the Tor network run an onion proxy on their machine; this software connects to Tor servers, periodically forming a virtual chain through the Tor network, which uses cryptography in a multilayered way (hence the analogy with an onion).

Each packet that enters the system passes through three different servers (nodes), which are selected at random. Before sending, the packet is encrypted sequentially with three keys: first for the third node, then for the second and, finally, for the first.

When the first node receives the packet, it decrypts the "upper" layer of the cipher (by analogy with peeling an onion) and finds out where to send the packet next. The second and third servers do the same. At the same time, the onion-proxy software provides a SOCKS interface. Programs that work through SOCKS can be configured to use the Tor network, which multiplexes their traffic and directs it through the Tor virtual chain, which ultimately allows anonymous surfing on the network.

There are special Tor add-ons for the Opera and Firefox web browsers.
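The layering order described above, as an added example that is not part of the original article. The cipher is a toy SHA-256 keystream XOR standing in for real encryption and is not Tor's actual cryptography or cell format; the node names, keys and one-byte length prefix are assumptions made for illustration.

```python
import hashlib


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (stand-in only): XOR data with SHA-256(key || counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def wrap(route, destination: str, payload: bytes) -> bytes:
    """Encrypt for the last node first, then the middle one, then the first."""
    next_hop, packet = destination, payload
    for name, key in reversed(route):
        hop = next_hop.encode("ascii")
        # Each layer holds: 1 length byte, the next hop, then the inner packet.
        packet = keystream_xor(key, bytes([len(hop)]) + hop + packet)
        next_hop = name
    return packet


def peel(key: bytes, packet: bytes) -> tuple:
    """What one node does: remove its own layer and learn only the next hop."""
    plain = keystream_xor(key, packet)
    size = plain[0]
    return plain[1:1 + size].decode("ascii"), plain[1 + size:]


# Constructed route and keys; a real client negotiates a key with each node.
ROUTE = [("node1", b"key-one"), ("node2", b"key-two"), ("node3", b"key-three")]

if __name__ == "__main__":
    packet = wrap(ROUTE, "example.org:80", b"GET / HTTP/1.0\r\n\r\n")
    for name, key in ROUTE:
        next_hop, packet = peel(key, packet)
        print(name, "forwards to", next_hop, "-", len(packet), "bytes remain")
```
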

SSH tunneling


SSH (Secure Shell) is a network protocol that allows you to control a computer remotely and transfer files. It uses encryption algorithms for the transmitted information.

SSH tunneling can be considered a cheap replacement for a VPN. The principle is as follows: all network software on the computer is pointed at a designated port on your localhost, where a service listens that is connected to the server via SSH (and, as we know, an SSH connection is encrypted) and tunnels all requests; from the server, all your traffic (no longer encrypted) can then be forwarded to a proxy (one that supports tunneling) or a SOCKS server, which sends the traffic on to the required addresses. The presence of a proxy or SOCKS server is not required.

What are the advantages of this system:
  1. To organize this scheme, you do not need to install server software (since you can easily get an SSH account and a SOCKS server on the Internet);
  2. Because the SSH connection is encrypted and compressed, we get a small increase in Internet speed (this holds when the SOCKS daemon is on the same server);
  3. When the SOCKS server is located on another host, we get an additional chain of servers that increases our security and anonymity.


JAP


A rather cunning way of preserving anonymity was developed at one German institution. A special JAP proxy program is installed on the user's system; it accepts all of the user's connection requests, encrypts them (AES with a 128-bit key) and sends them in secure mode to a special intermediate server (the so-called mix). The point is that a huge number of users use the mix simultaneously, and the system is designed so that each of them is indistinguishable to the server. And since all clients look the same, it is not possible to single out one specific user.

Mixes are usually set up on a voluntary basis, mainly at universities, which officially confirm that they do not keep any logs. In addition, chains of mixes, typically 3 mixes, are used.

P2P anonymizers


Consider the example of the Peek-A-Booty network:

Peek-A-Booty is a distributed peer-to-peer network of computers belonging to volunteers from different countries. The network was created so that users could bypass the restrictions imposed by local censorship and get access to Internet resources prohibited in a given state.

Each node of the network is masked, so that the user can send requests and receive information from specific IP addresses, bypassing censorship barriers.

The user connects to a special network where Peek-A-Booty works. Several randomly selected computers access the website and send data to the person who sent the request.

All traffic on this network is encrypted using SSL, the standard used in e-commerce, so everything looks like an innocent transaction.

Conclusion


Of all the methods we have considered, only Tor and P2P are completely free; they are highly reliable but, unfortunately, not convenient to use and configure day to day.

In terms of a high level of security and ease of setup, OpenVPN leads, but its prices start at $15 a month. DoubleVPN technology, in which packets pass through two VPN servers, is now becoming widespread. This is probably the fastest and most convenient solution to the issue of guaranteed anonymity, but the price ...

An interim solution can be the so-called VPN analogue, SSH tunneling, for which shell access alone is sufficient, which is quite cheap, and the connection is configured, for example, via PuTTY. Unfortunately, the setup is neither simple nor quick, and ease of use also leaves much to be desired, so this is still an option for the "geek".

Source: https://habr.com/ru/post/72820/

