Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Who's got it? Who's giving it away? How to protect your privacy and steal it from other people. For intellectual privacy, personal privacy, and blackhats alike... 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Proxy Detection
Posted by: Ivan
Date: December 06, 2008 06:41AM

Hello everyone,

As I know there is no trustful way to find if user use proxy but there is some ways:

1. Check SERVER headers and look for specific items
2. Connecting to "user/proxy" IP, and looking for open ports that is common for proxies.
3. Set cookie trap.

Using all this methods we can find some way to expose (lame) proxy users.
I wrote some class with all this methods: http://security-net.biz/files/proxyCheck/proxyCheck.class.php.txt , I need to know what You think about this ?

If there is no any headers that tell us that there is proxy we have methods:

2. Check for open ports, but this is not very good because we must scan big range and some computers have open ports by default/needs.
And there is some firewalls that can recognise this action as attack.

3. We can set unique cookie for each user with IP as value and check every time
if that cookie have the same value each time.
This is not good because user can clear cookies or maybe there is some user who have dynamic IP.


What You think ? Is there some another way to check for proxies ... except some online services as MaxMind or Samair.ru ?


Thanks,
Ivan

http://www.security-net.biz/

Options: ReplyQuote
Re: Proxy Detection
Posted by: SpoofGhost
Date: December 13, 2008 09:03PM

well isn't it possible to catch the ip of every one that is surfing your site and connect back to that ip if it is a proxy you can also use it atleast if it is public so if you can use it that meens it is a proxy

Options: ReplyQuote
Re: Proxy Detection
Posted by: Ivan
Date: December 18, 2008 01:26PM

There is a problem because You don't know which port they use. But it is interesting and I will implement that function (with common ports).

It is similar to method 2 described above.

http://www.security-net.biz/

Options: ReplyQuote


Sorry, only registered users may post in this forum.