Tuesday, January 15, 2008

Anonymous proxy risks

Anonymous proxy risks

In using a proxy server (for example, anonymizing HTTP proxy), all data sent to the service being used (for example, HTTP server in a website) must pass through the proxy server before being sent to the service, mostly in unencrypted form. It is therefore possible, and has been demonstrated, for a malicious proxy server to record everything sent to the proxy: including unencrypted logins and passwords.

By chaining proxies which do not reveal data about the original requester, it is possible to obfuscate activities from the eyes of the user's destination. However, more traces will be left on the intermediate hops, which could be used or offered up to trace the user's activities. If the policies and administrators of these other proxies are unknown, the user may fall victim to a false sense of security just because those details are out of sight and mind.

The bottom line of this is to be wary when using proxy servers, and only use proxy servers of known integrity (e.g., the owner is known and trusted, has a clear privacy policy, etc.), and never use proxy servers of unknown integrity. If there is no choice but to use unknown proxy servers, do not pass any private information (unless it is properly encrypted) through the proxy.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

FEEDJIT Live Traffic Feed

meta name

Legal Disclaimer- Any actions and or activities related to the material contained within this Website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and Wetpaint will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law. This site contains materials that can be potentially damaging or dangerous. If you do not fully understand something on this site, then GO OUT OF HERE! Refer to the laws in your province/country before accessing, using,or in any other way utilizing these materials. These materials are for educational and research purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! Neither administration of this server, the authors of this material, or anyone else affiliated in any way, is going to accept responsibility for your actions. Neither the creator nor Wetpaint is responsible for the comments posted on this website. This site will Never harm u By giving Out Trojans, Virus or any related stuff. We do not Promote Hacking ! But Lets one be aware of all the Possibilities around. N promotes the way to Curb it to Protect urself.Rest is all Tricks n Tips.. ~ cheers ~

Blog Archive

Page copy protected against web site content infringement by Copyscape Website Hit Counter
Free Hit Counter