xanix
Advanced
- Joined
- 20.10.20
- Messages
- 112
- Reaction score
- 794
- Points
- 93
Below you can understand how you can be calculated and remove these holes in your anonymity.
Check yourself for anonymity:
whoer.net -
BrowserLeaks.com
At the moment, 14 verification methods have been collected:
1. HTTP proxy headers
Some proxies append their headers to the request that the user's browser initiates. Often this is the real IP address of the user.
Make sure that the proxy server, if it writes something in the headers listed below, at least not your address:
HTTP_VIA, HTTP_X_FORWARDED_FOR, HTTP_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED, HTTP_CLIENT_IP, HTTP_FORWARDED_FOR_IP, VIA, X_FORWARDED_FOR, FORWARDED_FOR, X_FORWARDED, FORWARDED, CLIENT_IP, FORWARDED_FOR_IP, HTTP_PROXY_CONNECTION
2. Open HTTP proxy ports
The IP address from which the request came to our page can say a lot. For example, you can see which ports are open on the other side?
The most popular ports are 3128, 1080 and 8123. If you do not use them, it is quite possible to avoid unjustified suspicions of using 3proxy, SOCKS 5 or Polipo.
3. Open ports to the web proxy
As in the case of HTTP, the web proxy can be hung on any port, but we wanted the test to work very quickly, so we limited the reverse connection to ports 80 and 8080.
Given a web page? Great! At the moment, we are able to define PHProxy, CGIProxy, Cohula and Glype.
Non-standard ports with authorization close the issue.
4. Suspicious host name
Having an IP address, you can try to cut off the hostname of the client. Stop words that can hint at a tunnel: vpn, hide, hidden, proxy.
You should not link domain names to a personal VPN, and if you do, then you should avoid "talking" names.
5. Difference in time zones (browser and IP)
Based on the GeoIP data, you can find out the country by the user's IP, and therefore its time zone. Then you can calculate the time difference between the browser and the time corresponding to the time zone of the VPN server.
Is there a difference? So the user is probably hiding.
For Russia, there is no exact base of latitude and longtitude for regions, and since there are many time zones, we do not take these addresses into account in the final result. With European countries, everything is the opposite, they are very good at burning.
When switching to a VPN, you should not forget to translate the system time, change the time in the browser, or work with Russian proxies.
6. IP belonging to the Tor network
If your IP address is a Tor node from the site list, congratulations, you've been burned.
Nothing criminal, but the fact of revealing that you are hiding is not very encouraging.
12. Leakage through social networks (instagram, twitter, my world, etc.)
is not a leak of the IP address, but giving everyone left and right the names of authorized users, for example Facebook merges private data that undermines all the anonymity of surfing.
The "Log out" button after each session generally solves the problem, but the best recommendation is not to use social networks
13. WEB-RTC
WebRTC allows you to set up a conference call without using plug-ins through modern browsers Mozilla and Chrome, but it reveals your real IP even when using a VPN, as well as a list of all local IP addresses that are behind NAT.
WebRTC is only supported in Chrome and Firefox browsers. Native support for WebRTC by Internet Explorer and Safari browsers does not exist.
Disabling WebRTC in Firefox:
In the browser's address bar, enter
Code:
Setting in the search:
Code:
Disabling WebRTC in Chrome:
In the Google Chrome browser, you need to install the WebRTC Block plugin to block WebRTC
Disabling WebRTC on Android for Chrome users:
In the address bar of the Chrome browser, enter:
Code:
is another alternative way to define proxy and vpn:
Check yourself for anonymity:
whoer.net -
BrowserLeaks.com
At the moment, 14 verification methods have been collected:
1. HTTP proxy headers
Some proxies append their headers to the request that the user's browser initiates. Often this is the real IP address of the user.
Make sure that the proxy server, if it writes something in the headers listed below, at least not your address:
HTTP_VIA, HTTP_X_FORWARDED_FOR, HTTP_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED, HTTP_CLIENT_IP, HTTP_FORWARDED_FOR_IP, VIA, X_FORWARDED_FOR, FORWARDED_FOR, X_FORWARDED, FORWARDED, CLIENT_IP, FORWARDED_FOR_IP, HTTP_PROXY_CONNECTION
2. Open HTTP proxy ports
The IP address from which the request came to our page can say a lot. For example, you can see which ports are open on the other side?
The most popular ports are 3128, 1080 and 8123. If you do not use them, it is quite possible to avoid unjustified suspicions of using 3proxy, SOCKS 5 or Polipo.
3. Open ports to the web proxy
As in the case of HTTP, the web proxy can be hung on any port, but we wanted the test to work very quickly, so we limited the reverse connection to ports 80 and 8080.
Given a web page? Great! At the moment, we are able to define PHProxy, CGIProxy, Cohula and Glype.
Non-standard ports with authorization close the issue.
4. Suspicious host name
Having an IP address, you can try to cut off the hostname of the client. Stop words that can hint at a tunnel: vpn, hide, hidden, proxy.
You should not link domain names to a personal VPN, and if you do, then you should avoid "talking" names.
5. Difference in time zones (browser and IP)
Based on the GeoIP data, you can find out the country by the user's IP, and therefore its time zone. Then you can calculate the time difference between the browser and the time corresponding to the time zone of the VPN server.
Is there a difference? So the user is probably hiding.
For Russia, there is no exact base of latitude and longtitude for regions, and since there are many time zones, we do not take these addresses into account in the final result. With European countries, everything is the opposite, they are very good at burning.
When switching to a VPN, you should not forget to translate the system time, change the time in the browser, or work with Russian proxies.
6. IP belonging to the Tor network
If your IP address is a Tor node from the site list, congratulations, you've been burned.
Nothing criminal, but the fact of revealing that you are hiding is not very encouraging.
View hidden content is available for registered users!
12. Leakage through social networks (instagram, twitter, my world, etc.)
is not a leak of the IP address, but giving everyone left and right the names of authorized users, for example Facebook merges private data that undermines all the anonymity of surfing.
The "Log out" button after each session generally solves the problem, but the best recommendation is not to use social networks
13. WEB-RTC
WebRTC allows you to set up a conference call without using plug-ins through modern browsers Mozilla and Chrome, but it reveals your real IP even when using a VPN, as well as a list of all local IP addresses that are behind NAT.
WebRTC is only supported in Chrome and Firefox browsers. Native support for WebRTC by Internet Explorer and Safari browsers does not exist.
Disabling WebRTC in Firefox:
In the browser's address bar, enter
Code:
Setting in the search:
Code:
Set the value to "false" and check again!
Disabling WebRTC in Chrome:
In the Google Chrome browser, you need to install the WebRTC Block plugin to block WebRTC
Disabling WebRTC on Android for Chrome users:
In the address bar of the Chrome browser, enter:
Code:
Setting the value to "enable"
is another alternative way to define proxy and vpn: