
As you already know, there are anonymous proxy servers that can be used for surfing the web anonymously. It is also interesting to know, is there a way of tracking down a web-surfer behind an anonymous proxy server.
Yes, there are a number of possibilities not only to detect a visitor using several anonymous proxy servers, but also to detect his real IP even if he is using an anonymous proxy server.
At first sight, cookies are not anyhow related to proxy servers. Cookies are used to transfer small portions of information from the web server to the client as an addition to the requested web page. This additional information is stored in the client s browser and is retrieved by the web server. Cookies can be both temporary (for one-time use during a web session; when the session is over, these cookies are deleted) and long-term (for continuous store on the client s machine).
So, why do we need cookies? For example, if the password is requested while checking your e-mail box. After you have entered the password, it is stored in cookies, so each time you browse from page to page, the web server would check the password in the cookies instead of asking for it on every page.
How can a cookie help to detect a proxy? You cannot detect IP with the help of cookies. However, when you first visit a web site, the IP (i.e. your proxy server s IP) is detected by the web server and then stored in the cookies. When you re-visit this site, the web server detects your IP again and checks it with the one stored in the cookies. If the IPs are not the same, the web server can make certain conclusions. And if you don't disable cookies in your browser, no proxy will help you (anonymizers can disable cookies and stop relaying them to your machine).
There are special subprograms (scripts) run by the client s browser. Therefore, no matter how hard you try to setup your browser (unless you disable these active scripts), you won't be able to hide your real IP. These scripts are actually classified as simple programs and have very limited number of functions, however they are able to detect your IP as well as many other settings of your browser. These scripts can change your browser settings too!
There is a multilevel protection from these scripts. You can restrict a script from accessing your browser features. However, the best way to protect your browser is completely disabling active scripts. You can disable scripts directly in anonymizers.
Unlike JavaScript, Java is a full-featured programming language. So Java scripts have many additional abilities (particularly, detecting or changing your browser settings). In other words, Java programs can easily detect your IP and partially the settings of your browser.
As far as it goes to protecting your IP from being detected by Java scripts, all is much more complicated: the most secure and probably the only way is to completely disable Java in browser settings, as long as Java has many network functions and it's quite difficult to switch them all off.
ActiveX and plug-ins are various add-ons and modules of your browser. These modules are in fact real proper programs run on the client s machine and therefore they have wider capacities than Java and Javascript. They can easily detect your browser settings and track down your real IP address. What's more, they can even easily change your proxy server s settings!
To secure your browser and IP address, disable ActiveX and plug-ins options in your browser settings.
The war between those who want to stay anonymous web-surfers and those who want to know all about their clients and visitors will never end. There always will be new ways of hiding your life inside the web, likewise there always will be new technologies to hack or to pass this protection.
You can secure your IP using several methods:
The first method of protection is very easy to pass: it only takes building a site based on Java/JavaScript/Cookies (for example, dynamic menus, etc.). In this case, if you switch off the active scripts, the site will not work (e.g. if you disable cookies, your access to web mail servers may be denied).
The second method doesn't provide a 100% guarantee that your IP address will be really protected. Here's why. There are two methods to identify your IP:
So, socksification can guard you from the first method of IP tracing, but it's totally useless when dealing with the second method.
What's the core of this task and what do you need to do in order to make it work?
There are two options to solve this problem:
And finally: any proxy server, especially a free proxy, keeps logs (reports) with detailed information on every IP sending requests to it as well as on the time of requests. So, any person or organization authorized to access this information can always find out what places in the web you have visited and what you did there, even if you use a chaining of 10 anonymous proxy servers located in different parts of the world.
Go back to proxy FAQ