Category: security

Residential IP Provider

We talk a lot about proxies in this blog, how to use them to stay secure, protecting our anonymity and really important stuff like being able to watch the BBC on our holidays.    In truth, as far as watching online media sites go proxies are very little use anymore because they’re very easy to detect.   If you want to watch a multimedia site online then you’re normally going to need a VPN as they are much more difficult to detect.

There is another side of the blocking war technology, which doesn’t involve the type of server you’re connecting to but rather the IP address it is assigned.  You see there’s another crucial distinction as far as the network address you use on these servers – commercial or residential.  Virtually all IP addresses that the ordinary individual can get access to falls under these two categories.   So it’s worth just briefly clarifying what we mean by these:

  • Commercial IP Addresses – these are assigned to public and private companies and commercial datacentres.  Indeed 99% of proxy and VPN services are hosted in commercial datacentres which is why they’re allocated commercial addresses.
  • Residential IP Addresses – if you simply connect to the internet through your ISP like most people, then you’ll have a residential address.  These are only allocated to home users via their normal internet connections whether they’re broadband, cable or even dial up.

It seems a minor difference, after all they’re both just standard IP addresses but the distinction is becoming more crucial.   In 2016 Netflix became the first ‘media giant’ to restrict access to their content based on the classification of your IP address.  It’s been used before in smaller organisations and in other sectors but this was a major shift in region locking.  If you sat on a company network and wanted to watch Netflix using your computer you’d be blocked, didn’t even matter if you owned the company!

After years of trying to enforce Netflix users to stick to the locale they were based in, they finally decided that only those who originated from a residential IP provider would have access.  This worked big time, indeed compared to the years of blocking proxies, checking for concurrent connections and trying to detect VPNs it was incredibly effective.  The reason was simple all the circumvention tools like proxies and VPNs had one thing in common, they all had commercial IP addresses assigned from the datacentres where there servers sat.

People Suddenly Need a Residential IP Provider

There was some collateral damage, but basically it made Netflix only accessible from home connections.  More importantly users could not use VPNs and proxies to switch to a better version of Netflix, the US version has more than double the content of many regions.

In fact what Netflix was doing wasn’t that original, in other areas commercial websites have been using this classification for years. Anyone with even a rudimentary knowledge of programming can use incoming IP address information to determine both the region and classification of the IP address. Using the classification is an easy way to ensure all the inbound connections are from legitimate residential users.  They can also determine specific countries and regions from the IP address to – all crucial information if you’re running any sort of e-commerce site too!

Most online resources and commercial sites are directed at home based customers which is why having a residential IP address is crucial, residential traffic has certain characteristics.  Normally that’s fine but there are also many situations where you need more than one address and that’s extremely difficult to do.  For example people involved in online marketing or research need the ability to process numerous requests from social media sites, advertisers, search engines and even online retailers.  Unfortunately if you try and do this from a single solitary internet connection and address you’ll get blocked pretty quickly.

residential IP provider

Whether it’s the classification, origin or more likely the fact it’s being used for repeated requests – it’s pretty simple to get blocked by a web site nowadays.

People who use marketing and research tools will get blocked very quickly for example as the multiple requests are logged. Even posting stuff to social media using applications can have this effect very quickly too.

Others use tools in order to buy multiple copies of items or place lots of adverts. Again if you are stuck using your single default, residential IP address you’ll get an IP ban very quickly.  the more requests you or the application makes then the quicker it will happen.   Even something like a residential VPN won’t help because although the actual connection is encrypted, the mere fact that multiple concurrent connections are established from the same IP is easy to detect.

For example there are lots of people who use software to buy multiple items in order to sell them later.  There are computer programs designed to do this for you, making multiple requests and placing lots of items in shopping baskets automatically.

They are usually found in sectors which have limited or restricted availability like designer trainers/sneakers, concert and sporting tickets and similar items.  When items like these are sold online then the restrictions are normally enforced by the classification and location of the IP address.

Let’s consider buying concerts for a very popular rock band, the tickets always sell out extremely quickly.  How do you ensure that people don’t buy extra tickets to sell online at inflated prices?  Well imagine you’re sitting there looking at the requests come in for a Dallas based concert and you see hundreds of requests from IP addresses originating from New Delhi? These obviously don’t look like legitimate requests from fans and the website will almost certainly block or restrict access from these addresses.

There is a workaround method that can be used and is implemented very profitably by people online – they hide their locations by using home based IP addresses originating in ‘non-suspicious’ locations.  However to do this you need to buy residential IPs which are bought from a residential IP provider.  These are normally bought by buying access to dedicated residential proxies which have home based addresses assigned to them.

Some of these networks are extensive and extremely sophisticated indeed they need to be to fool the websites involved.  The most advanced are called residential backconnect proxies, which are much more than simply standard static residential proxies.   They are networks consisting of thousands of residential IP addresses all linked together through single backconnect proxy gateways.  These are much more difficult to detect as they offer the ability to rotate IP addresses automatically and also the referrer data that is sent from individual connections.   Any sort of automated bot which buys, researches or posts will need access to rotating residential proxies in order to function with any volume.

These networks are of course extremely difficult and expensive to set up, primarily because getting access to residential IP addresses is very difficult.  Many have taken years to set up, it’s not that hard to learn how to make residential proxies but it’s much,much harder to set one up!  It’s worth remembering this before you go searching to buy residential proxies, they are much more expensive to run than normal one.  Which is why the people running automated tools like ‘sneaker bots’ or ‘ticket bots’ are always searching for reliable sources, you’ll even see them referred to as residential sneaker proxies as they’re often used with these bots to buy lots of sneakers from large online retailers like Nike, Adidas and Footlocker.

There’s only two or there of these with large enough residential networks to make most of these bots and tools work properly.  Here’s one of the oldest and most respected networks – they’re called Storm Proxies.   They’re unique in that they’re the only ones who actually own the hardware and addresses (the registrations) unlike their competitors.  Indeed many of the other providers have little direct control over their residential IP address inventory, e.g. Illuminati who’s network consists of piggybacking off the connections of a free VPN called Hola.

It’s definitely the fastest, safest and best residential IP provider and you can try out their proxies here

Storm

Check out their residential proxy trial which you can test for 48 hours and get your money refunded if they don’t work for you.

Surf with UK IP Address

When you’re online you might think that your digital identity doesn’t change very much, but in some aspects you’d be very wrong.  For example take something as simple as browsing the internet, your experience will vary greatly depending on one specific factor – your location.   Now the internet doesn’t care where you’re from but many of the web sites you visit do care – very much indeed.

Surf with UK IP Address

The method of identifying your location is done by tracing your IP address, this is the unique number which is allocated to any device when it connects to the internet.  This includes everything, every laptop, computer, switch , mobile phone and even your smart TV – all are allocated this network address.   As well as being unique, these addresses are also allocated on a per country basis meaning that when a web site knows the address it can look up your physical location too.

They will use this information in a variety of ways, to customize what you see, switch languages or more often to filter and block what you can see.  It’s the exact method that Netflix uses to determine which version of the site you use, or the way that BBC iPlayer blocks every non-UK connection.  So you can see where you are determines greatly what you can access and your overall web experience.

However there is a method to take control of this, and actually bypass these filters and blocks.

How to Surf with UK IP Address

So how do you take control?  Do we have to just sit back idly by while our web browsing is censored and manipulated by the big websites?  Of course, the key is being able to control this network address,  if we can manipulate this then we can decide what we can see online.

If we take an example mentioned above, the BBC blocks access to anyone who tries to access from outside the UK.  More specifically they block access to anyone without a UK IP address.   So if we can present a UK IP address irrespective of our real location then we can watch the BBC or any other UK only website wherever we happen to be.

It’s actually very easy to do, to supply a fake IP then just watch this video:

So although you can’t actually change your IP address, as it’s allocated automatically when you connect to the internet. You can though hide your IP address, by using an intermediate server to connect to the web. This is what literally millions of people do across the world, they use a VPN service with servers based in the country they need most.  So many people who need to surf with UK IP address will find a service which provides access to a UK IP address range.

In fact, most of the decent VPN services will offer a wide range of servers in different countries.  The one in the example – Identity Cloaker for instance has many servers in Britain including some which have a London IP address or ones from Manchester, but they also have servers all over the world.   You can merely click on a country and you’ll effectively change your IP address to that country.  So although you don’t actually change IP address to UK or another country, the websites will only see the address of the VPN server.

There are now a lot of these services available but you have to be careful depending on your requirements.  Don’t get misled by websites who offer the best UK proxy as these don’t work anymore for most of the big media sites including all the main UK TV sites.  It was at the beginning of 2017 that the BBC finally started to block access to all proxies, and even some VPNs –  irrespective if they came from a UK IP address list.   Furthermore if you just want to access these sites, you don’t need to invest in anything expensive, certainly it’s not necessary to but a UK IP address that it dedicated for your use only.

A simple, fast and well configured VPN service is all the majority of people require to surf with UK IP address or unlock access to lot’s of other different sites across the world.  The benefit also extends to countries where state level internet censorship takes place like China or Turkey, a VPN will bypass these too.

Here’s the link for Identity Cloaker – Test it out with the 10 day . first to see how well it works.

BBC Block VPN Connection Services

It was a move greeted by shock, disbelief and to some extent even despair suddenly the BBC started to block VPN connections from across the world.     Just to roll back a little, for years the BBC had insisted that all it’s media content was only available to domestic viewers i.e those who were physically located in the United Kingdom.  However although this was official policy, the BBC did very little to actually enforce this other than a basic IP check which blocked anyone accessing from a non-UK IP address.

BBC Block VPN Connection

This IP blocking method although effective was actually extremely simple to bypass, all one needed was a way of hiding your location.

Initially this could be achieved by using a simple proxy server although in 2016 BBC started to block these following the lead of most global media companies.   There was another method left, using something called a VPN which stands for virtual private network which also allowed users to hide their physical location and IP address.

A VPN connection is virtually impossible to detect and so these have continued to work and many have switched from using proxy servers.  Unfortunately VPN services are more expensive to run and therefore these are almost always require a paid subscription.  The free ones are filled with advertising, share your internet connection with strangers and are all frustratingly slow to use which means that everything involves extensive buffering.

Here you can see in this video, a demonstration of a VPN program being used to access the BBC from outside the UK.

Although the move to paid services was upsetting to a lot of people, these subscriptions where relatively inexpensive and as they opened up all the UK TV channels are still extremely popular.   However during the second part of 2016 and into 2017 the BBC started to attack these services too.  In fact during specific times, literally thousands of people found themselves blocked almost overnight – one day they were happily watching the BBC the following day they were blocked. It almost seemed that suddenly they had figured it out, BBC iPlayer detecting VPN services – was it possible? Well no, they can’t detect them but it’s true that for many their BBC iPlayer VPN not working had suddenly occurred.

So if the VPN connection is virtually undetectable, how did the BBC manage to block so many of them?

How Does BBC Block VPN Connection Services

As mentioned, a properly configured and well run VPN service is almost impossible to detect.  Even the Chinese have thrown huge resources at identifying and blocking VPNs in order to control the huge use of them to circumvent their filtering and censorship.  They have not been completely successful and many Chinese routinely use VPN services to bypass the Great Firewall of China and indeed retain their anonymity in one of the most oppressive internet states in the world.  Other media companies have all tried in various ways too, most seem to settle with a partial success of blocking the simple proxies.  Nearly all media companies now block the easy targets so for example you can’t use a simple French proxy for M6 Replay either.

So obviously the BBC do not have anything like the technical expertise or resources to match this, however there are other options which can be fairly effective.  Firstly although the actual type of connection cannot be easily identified, they can identify when thousands of concurrent connections come from specific IP address ranges.  VPN servers will have limited numbers of IP addresses and when the BBC detects thousands of streams all being directed at the same ones then it’s likely they are some sort of proxy or VPN.

Secondly, many of these VPN services are easily identified by a little detective work.  Many of them openly advertise or display their TV watching services on their websites.  Type ‘BBC iPlayer abroad’ or ‘watch UK TV abroad’ into a search engine like Google and you’ll see some paid adverts for various websites.  All the BBC has to do is look up these services and block them manually, anything that looks like a TV watching service and not a proper security based VPN will be fair game. So there are some truth to these rumours, but it would be wrong to say that BBC iPlayer not working through VPN anymore

So in essence a little detective work and monitoring incoming connections can be a pretty effective way of blocking these VPN connections.  There is no real BBC iPlayer vpn workaround, merely selecting the right sort of VPN service.  Fortunately the older legitimate VPN services don’t advertise these facilities and also have large infrastructures with lots of servers to spread their connections. They have made little additional effort in blocking these services since the BBC iPlayer VPN 2017 purge, so the remaining companies should be fine – certainly I’ve been using Identity Cloaker for over a decade now without issues.

Companies like idc still work with all the UK TV stations despite these blocking efforts because they remain primarily security services not ‘TV watching’ proxies.

Hey Look, That’s Suspicious. Hide IP all Internet Traffic

One very important aspect of privacy that is usually overlooked is that of discretion.  If you want to remain private, then it’s important not to stand out – in IT circles it’s often called security by obscurity.   I remember once having to investigate unauthorized use of a database system by an employee.   The scenario was that this particular application could be used to look up all sorts of personal details about people however this was strictly  forbidden.

When I started to investigate, it took about 2 minutes from looking at the logs to identifying the culprit.  The logs were huge, but all access was identified by the user access name in one column.  The usernames were all in a long format like this –  user/2347643-1964 all except one whose username was Bob21 (slightly changed to protect the stupid), and it stood out a mile.  The user had created his own account and used it to look up details of a love rival, but had failed to keep to the same username format as everyone else.   It yelled – check me out, very loudly indeed – he was discovered and subsequently lost his job.

hide vpn traffic

The point is that it’s all very well having a super secure and encrypted connection, however if this is too obvious you run the risk of making yourself a target and inviting investigation.  This is particularly relevant in using a proxy or VPN or proxy to hide yourself online.  Sure they work and a properly configured VPN over port 80 does keep you very secure, however if anyone looks at the logs the VPN user can stand out.

The reason is that in standard ISP logs a normal web user will have a variety of internet requests to all sorts of different web servers and IP addresses.  The VPN user will have all those hidden and will interact with the single IP address of the VPN server.  This stands out, the same IP addresses being connected almost permanently and no requests made to anywhere else.  The IP address is either a fascinating web site or more likely a proxy or VPN – it’s also simple to search and filter for this sort of behaviour.

Fortunately it is possible to hide VPN traffic by using certain highly secure VPN services which can be made almost invisible too with a few carefully configured options.   Here’s an example of those settings that you can configure in Identity Cloaker.

Basically you need to ensure that you rotate the IP address you access periodically – so that a variety of addresses appear. This suggest normal web browsing rather than a single encrypted connection which can help to hide openvpn traffic too. Other options are to allow the cloaking of different applications, so that some requests go direct to the site whilst others are redirected through the VPN tunnel.

After all if you’re streaming video from a recognised site, do you need encryption? Is it a secret?  You might already run openvpn over https too, and by making this sort of behaviour accessible and readable you control what aspects of your online activity is private and which isn’t.   These are simple tricks but extremely useful if you’re serious about tying to hide VPN traffic properly.

It’s not that difficult if you have these options in your VPN service to melt back into the crowd. However it makes a huge difference to the level of privacy you enjoy. A little obscurity is an essential element in keeping yourself safe online, any security adviser knows all too well that you should avoid making yourself into a target.

 

Innovative Cyber Criminals Hack Austrian Hotel

One of the main reasons that in the past cyber crime was never too much of an issue, was the fact that many of the people who were capable of performing the attacks were not that good at the criminal side of it.   Hopeless geeks would steal stuff nobody wanted and then get picked up when they tried extorting money.   This is changing now in a big way as cyber gangs across the world start working with organised crime and becoming much more effective.

Luxury Hotels Targeted by Hackers

One of the current hot cyber crimes is ransomware, getting access to a system and denying access to the data or applications themselves.  A popular method is for viruses to encrypt important data and destroying it unless a payment is made.   It does work occasionally but only on badly configured and poorly defended systems – any half decent disaster recovery system will make such attacks ineffective.

However the latest targets of slightly modified attacks are big hotel chains.  Hotels have long been a target for technological crime, often because there’s a mix of wealthy people using mobile devices and poor levels of IT support and administration.   Previous targets have been hijacking Hotel Wifi systems or infecting lobby computers to steal usernames and passwords.   The latest twist however is to target a much more practical application, the hackers are taking over the hotels keycard systems.  The application which controls, registers and deregisters the room control cards – effectively controlling access to guests rooms – locking them in or out at will.   These are often also linked directly to reservation systems which can also cause havoc for any hotel.

There have been many rumours of these attacks taking place, however one hotel has decided to admit that they were attacked and decided to pay the ransom.  The hotel is a luxurious four star place in Austria called the Romantic Seehotel Jaegerwirt set alongside a beautiful Alpine lake.   Like many modern hotels they have a sophisticated IT system which controls all the key cards.   When the system was compromised none of the keys worked and nobody could open any of the room doors – customers were either locked in or out of their room.

Imagine the chaos that would cause the hotel management, especially on the opening weekend of their busy Winter season.  Then the demand came, a relatively modest request for 1500 EUR paid in Bitcoins in order to restore their key card system and access to the reservation application.  As the manager pointed out, the police and insurance are of little help when you have 180 guests locked out of their rooms.  The manager decided that paying the demand was quicker and cheaper than any other alternative.  There are two crucial aspects to this case, the modest request and the fact that when it was paid the hackers kept their word and restored the system.   These factors are crucial to convincing  victims that ‘paying up’ is the sensible option it in fact the best business decision in the circumstances.

Cyber crime is moving into a new and more dangerous phase than the amateuristic attacks we have seen in the past.   More and more of our world and systems are accessible online, the IoT (Internet of Things) is bringing vulnerabilities into our world that previously didn’t exist and criminals are using these avenues to run their businesses.  The hotel has interestedly identified an upgrade that will prevent these attacks in the future, their next refurbishments will replace the keycards with ordinary keys which were originally used by the hotel when it opened over a hundred years ago.