• Please review our updated Terms and Rules here

Proxy Server Solutions

S

stangman517

Experienced Member
Joined
Dec 15, 2014
Messages
243
Location
Georgia, USA
Greetings!

My Linksys Smart Wifi router is fairly high tech and I believe it encrypts well, but I realize it's not fool-proof. In today's world we can't be too safe while on the Internet. Is anyone using or can recommend a good proxy server software solution to mask a home users' IP/internet connectivity?. I prefer to use a proxy server locally and not a web-based proxy (may cost more money than I want to pay/trust). Granted some web-based proxy server hosts may offer the ultimate in service and it is constantly updated, but probably very pricey and more than I want to pay! Trust is a serious issue with me. I trust me! So maintaining my own server is my first choice. I'm simply looking to build my own proxy server at home where I maintain/update with less expense, and the software is reliable and not the "new kid on the block." It can be a Windows based but preferably a Linux based solution.

So any thoughts will be appreciated.
 
Last edited:
For my proxy needs, I use a Java SOCKS5 proxy (and tinyproxy for those apps that only know how to handle HTTP proxies). tinyproxy may be completely sufficient for your purposes. I don't know if there's a Windows versions, but it works very well on just about any Un*xy thing.
 
What's the point? I mean if you have the proxy at home then the proxy will have (and surf the web) with the same IP that your Linksys router has now. So whatever you do at home, you can't really hide your IP with that.
 
I agree "What's the point?" But it's my understanding a proxy service will give a surfer complete anonymity while surfing the web. Granted some(maybe all) proxy services keep server logs (I know this when I SA'd a web server for the US Courts) and these logs do keep details as to where a user surfs, IPs, etc. These, of course, can be tracked back to an ISP and can be subpoenaed by the courts. I'm ok if the Courts want to track where I've been but NOT all the NO GOODS out there. I do not know all the tricks of hacking a users' web activities, so I only want to block my IP to these NO GOODS (even my routers IP) because they may have tools to track my router's IP to an ISP, but CAN THEY track a physical location is what I do not know. I thought a proxy masquerades a computer to all other users. This is what I want it to do.

Thoughts, anything?
 
Last edited:
Now this makes sense. If I can block all my other internal computers access to the internet except through the proxy THEN this is good, but I still want to block my router's IP from NO GOODS.

I haven't looked at your suggestion of tinyproxy. Can tinyproxy block my router's IP?

I've heard of Sophos. Any thoughts or anyone using Sophos?

Thanks
 
stangman517:The proxy will run on a computer behind your router, unless you put a computer (to run the proxy) between your ISP modem and your router (assuming they are not combined in the same unit). So the proxy cannot block any IP. And it's not useful for protecting against anything, that's what the router is for, assuming it's sophisticated enough to run a proper firewall. If it isn't, get a better one, or use a computer after the router which can be set up as a firewall.
In any case, whatever you install at your home will access the internet with your own same IP, the one provided by your ISP. Nothing changes that.
If you want to browse the net with some other IP you'll have to use an external proxy service. So why not instead go the whole way and set up your browser to go through a tor proxy. That's more anonymous than a general external proxy service.

Tinyproxy is great for what ClassicHasClass describes: A home network set up so that an internal network doesn't have internet access at all, but they can see the proxy port on a single internal IP. That IP belongs to a computer which runs tinyproxy, and can access the internet through the router. So all the internal network computers can browse the web by going through that proxy, but they can't do anything else.

Edit: As for Sophos, I hadn't heard about it before. The company page isn't very clear, the Wikipedia article is just rubbish (corporate spin), and a PC Mag (I think it was) article describes it as just another antivirus service. I don't know if it is relevant.
 
Last edited:
Last edited:
Hello Tor.

I read a little about this. Wkipedia says: "United States Naval Research Laboratory employees, mathematician Paul Syverson and computer scientists Michael G. Reed and David Goldschlag, with the purpose of protecting U.S. intelligence communications online."

This is what I want!!! Is this the website I should do more research on? => https://www.torproject.org/

Thanks
 
I run my network with a thin client running dnsmasq on OpenBSD. It also collects and relays all email, and provides a firewall and DHCP server.

I've been doing this at least for the last 10 years. Is this what everyone's talking about?

I've used anonymous proxies externally to fool location-sensitive sites as to my location. (e.g., I used a UK proxy to listen to the London Olympics on Radio 5 Live).
 
I think this thread has been covering two things: people who use proxies as means of enabling internal access to the outside world without routing, and people using proxies as anonymizers (which appears to be what the OP actually wants).
 
Ok I've read some on Tor, and NOT an expert by no means. However, will Tor be blocked by legit sites? Read this from http://whatismyipaddress.com/tor: => "Wikipedia, the online public encyclopedia, strives to prevent Tor users from accessing their website." Tor sounds like what I want but not at the costs of not being able to access legitimate sites. Recapping my OP I simply want to block my physical location from the BAD GUYS not the good guys. Yes my Linksys router is the latest and greatest and I trust its firewall capabilities, but it doesn't hide the IP of my ISP, but when I first checked whatismyipaddress it showed my location in one city then I checked it again 30 mins later and it showed my location in another city. So this is cool for me! It appears my ISP uses different routing locations for delivery of my traffic, and this makes sense. I'll still look at Tor because it sounds interesting. Thanks for everyone's insightful responses!!
 
Some sites may block Tor, sure, because it's agnostic about who uses it. Bad actors can use Tor to try to attack sites, so some sites just say, we know you're a Tor exit node and we don't accept your traffic.
 
stangman517 said:
Greetings!

My Linksys Smart Wifi router is fairly high tech and I believe it encrypts well, but I realize it's not fool-proof. In today's world we can't be too safe while on the Internet. Is anyone using or can recommend a good proxy server software solution to mask a home users' IP/internet connectivity?. I prefer to use a proxy server locally and not a web-based proxy (may cost more money than I want to pay/trust). Granted some web-based proxy server hosts may offer the ultimate in service and it is constantly updated, but probably very pricey and more than I want to pay! Trust is a serious issue with me. I trust me! So maintaining my own server is my first choice. I'm simply looking to build my own proxy server at home where I maintain/update with less expense, and the software is reliable and not the "new kid on the block." It can be a Windows based but preferably a Linux based solution.

So any thoughts will be appreciated.
Click to expand...

1) Your router encryption is only relevant when using WiFi and that's wireless device to router. To be effective end-2-end encryption is required, so its your end device (PC, Tablet, Router) that encrypts SSL traffic and all your router can see is the un-encrypted IP and TCP headers and the encrypted pakets. Providing you are not using Chrome, which does not always check certificate URLS, generally in the padlock appears your session is secured end-2-end using a symmetric algorithm. The key for that is usually generated for each session and exchanged with the Diffe Hellman protocol which should ensure no one can execute a man-in-the-middle attack.

https://wiki.openssl.org/index.php/Diffie_Hellman

If you want to hide your IP address then the solution has to be off site. IP has no concept of a connection, each packet is independently routed and contains the address of your router, otherwise the packets couldn't get back there. A proxy solves this by sitting on the data stream and "breaking" the connection, and this can see all non-encrypted traffic. It can't see SSL traffic because of the Diffe-Hellman exchange unless you install a browser plug-in, in which case it can see all you browser traffic, including bank passwords etc.

If you start using a proxy to hide your IP address, and pay, then you are passing money to a company that is preying on your paranoia, and making money out of folks trying to by-pass geographic restrictions, possibly to buy PayTV. You are passing all your web traffic via their servers, so it means you must have TOTAL trust in them.

If you are not paying them then there must be a way for them to make money. These I trust even less...

If you are using a typical "Home" or "small business" set up you IP Address will most likely change pretty often. Its no use to the third party.
 
If you are using a typical "Home" or "small business" set up you IP Address will most likely change pretty often. Its no use to the third party.
Click to expand...

It's really stunning to look at the raw IP incoming traffic to a modem. Typically, I see some attempt to get port 110 to respond several times a minute, most of the originating IPs are from China and Vietnam.
 
Chuck(G) said:
It's really stunning to look at the raw IP incoming traffic to a modem. Typically, I see some attempt to get port 110 to respond several times a minute, most of the originating IPs are from China and Vietnam.
Click to expand...

That doesn't mean they know its "you" at that address it just means they are scanning for known vulnerabilities. Assuming NAT is enabled external traffic on Port 110 isn't going to go any where beyond the router. Have you tried sending it somewhere to see what user-names and passwords they try? I guess its looking for a POP server and it will then try to log in with harvested user names and password, or perhaps run a buffer over-run attack to gain control of the server. I assume you get hits on 80, 81 and 8080?

I would guess that they scan all the IP ranges assigned to ADSL clients. As for StangMan why would you want to hide your IP address? All that does is make the end server think you are somewhere else. It generally doesn't reduce attacks, they happen regardless of where you are.

TOR will pretty much hide your location, but you may then find common sites, like internet banking, start asking for additional verification, as they no longer know where you are.
 
Oh, I know that, but I was taken aback at the number of intrusion attempts the moment the modem came online. Has anyone ever documented the amount of "garbage traffic" on the Internet? The only thing that I could think of is that there are systems out there continuously scanning the 4 billion or so IPv4 addresses, looking for vulnerabilities.

All incoming ports on my modem are blocked or nonresponding, but for port 4567, which seems to be used by CenturyLink, my ISP. I've never asked them what would happen if I edited the iptables on the modem to block that one. Maybe they wouldn't like it.

Anent anonymous proxies: I've found that services like tor and anonymizer.com get filtered and bounced by several sites. Same for anonymous email services. I've found that it's better to use a web search for anonymous proxies and enter them manually; they rarely stay active for more than a day or two, however.

So the picture is very mixed.
 
Last edited:
I think that even a few years ago the time to infection of an unprotected XPSP3 machine was measured in minutes. Fortunately we tend to shield such machines behind the router...
 
How do people manage networking where isolation from the Internet is an issue (security concerns), but who do need interconnectivity with other machines? I have a couple of customers who, for various reasons, want assurances that their data will never be seen on the Internet.

To date, I've been sneakernet-ing data between the unconnected systems via USB flash drive. This makes the customers happy, but is a an annoyance.
 
You must log in or register to reply here.
Back
Top