logo

Did you find this site helpful? Please donate!

I need your support to make μ-OS and this site better. So please help me by donating some small sum.

Donations via Bitcoins

bitcoin:17uPzWN5YyzDnzcGBSDAotbKUB8tk8uCEK

bitcoin

or via PayPal are accepted.


What are Anonymous Proxies?

Proxies are machines that will redirect your connection to target machine.

Anonymous proxies are publicly available computers on the Internet that should hide from the target machine the fact that you are not connecting directly to it but using proxy instead.

However, before you go blindly using some of the so called "anonymous" proxies out there in the wild you should know few things first.

When it comes to level of anonymity there are basically two types of proxies:
  1. Transparent proxies

    These proxies allow or deny your connection to target machine and don't do any hiding. The target machine will know your true IP-address and often also the fact that you are using proxy.

    These kind of proxies are most often used by corporate and school networks in smaller scale and by ISPs or even whole countries (a.k.a. Great Firewall of China) in larger scale. Their role is to act as an content filter to prevent you from doing warez, watching porn, voting democrats, joining to some spiritual movement (that is best left unnamed here) or doing whatever activity the network owner has decided that is illegal in their network (or country).

    They are often very strictly configured, allowing connections in and out only to certain ports, only to certain IP-addresses or even to only certain URLs. In addition to content filtering and working as a firewall, transparent proxies can be configured to cache all network content that passes throught it and also log every IP-address inside network that tries to connect throught it into the Internet.

    If you are behind transparent proxy that blocks everything but ports 80 and 443 and does URL filtering then you have two choises. You can setup a HTTPS tunnel or hunt for a public HTTPS proxy that will allow you to surf more freely.

    If you are behind transparent proxy that is blocking everything but port numbers 22, 80 and 443 then you can also try SSH tunnel with a local SOCKS5 proxy. In comparison to above mentioned HTTPS tunnel this setup can be used for anykind of network connection, not just web surfing.

    If there is no port 22 open but there is port 1080 open, then you can try to use publicly available SOCKS5 proxy from the Internet for your connection. Port 1080 is the default port for SOCSK5 protocol but it could be any port number between 1 - 65535 decided by the owner of the SOCKS5 proxy server. Public SOCKS5 proxies are much more harder to find than HTTPS proxies and they can be used for anykind of network connection, not just Internet surfing. Keep also in mind that in this setup you have to make sure that you are using encryption inside your SOCKS5 connection (HTTPS, SSH, VPN etc..).


  2. So called Anonymous or High Anonymous Proxies (also sometimes called by name "Elite Proxies")

    These are publicly available proxy machines that should hide the target machine of the fact that you are not connecting to it directly.

    Weight on the word "should".

    You see, there is no guarantee that the so called anonymous proxies out there are really anonymous. You don't know, without testing, that the proxy you are using is really hiding your browser headers and true IP-address. You don't know if the proxy you are using is not logging everything that passes throught it. Even if the connection is HTTPS encrypted the proxy could just decrypt the traffict, log everything and then encrypt it again before sending it toward target. This is made possible with SSL spoofing (read more from here for gory details how schools, corporations and goverments could be decrypting your HTTPS connections). You can't know who is operating that proxy you are using (it could be FBI, CIA, KGB etc..).

    However ...

    You can still use (and should use) these proxies if you keep in mind the following three simple safety rules:

    1. Always check beforehand if the proxies that you see in those proxy list that float in the Internet are really anonymous!

      For example: I have checked several HTTP/HTTPS proxies from the Hide My Ass Free Proxy List and nine times out of ten the so called "high anoymous" proxies were happily revealing my browser headers and true IP-address!

      So always check beforehand that the proxy really is anonymous before starting fooling around!!!

      You can find plenty of IP-address checking sites with "what is my ip" google keyword or you can try some proxy checking tool.

      For Microsoft Windows there is at least Elite Proxy Switcher that you can use to test anonymity level of HTTP/HTTPS proxies.

      If you are using SOCKS5 proxy instead then you really don't need to check for anonymity. SOCKS5 proxies are by default anonymous and don't reveal any data about you. The only thing that you must keep in mind when using these proxies is that you use encryption and check also that the SOCKS5 proxy you use supports encryption, like HTTPS.

      Most of those SOCKS5 proxies support HTTPS because SOCKS5 protocol does not care about the data that passes throught it, unencrypted or encrypted. Of course, if the proxy owner has decided to block port 443 (the default port used by HTTPS) then you can't connect to any https:// site and you need to find another SOCKS5 proxy.


    2. Always, when possible, use encryption!!

      As I said before you can't trust proxy owner. Ever.

      What you are basically doing when using publicly available proxy is trusting your network connection to 3rd party for handle.

      Any encryption is better than no encryption when using proxy.


    3. And finally, never ever use online banking, facebook, e-mail, e-commerse or any other service that needs username and password authentication with proxy!!!

      You have no way of knowing if the proxy you are using with supposedly secrure HTTPS encrypted connection is doing SSL certificate spoofing while at the same time decrypting your HTTPS traffic and stealing your username and password!!!

      Always use direct HTTPS connection to any site that asks username and password and proxy for rest.

      For Mozilla Firefox there is at least extension called FoxyProxy that let's you decide when to use proxy and when direct connection. It works by doing regular expression match against the current URL you visit and the predefined proxy rules you have gived to it to decide if to use proxy or to use direct connection.


    Later, when I have time, I will add specific instructions how to bypass transparent proxies, how to hunt, check and use anonymous proxies and also will tell you about a very cool technique called proxy chaining.