Proxy Avoidance – An Introduction

So what does this mean to you? Proxy avoidance? Aren’t proxies used to help you keep your privacy – why would you want to avoid them.   Unfortunately there are some proxies you really should be looking to avoid.  Just using a proxy means absolutely nothing, it’s a bit like saying you are environmentally aware because your car happens to be colored green.  Proxies can enhance security but equally they can also be used to steal all your details and finance a Russian cyber crime gang’s Christmas party.

Bloody Spoilsports !!

 

So should you use or bypass a proxy server – well it really depends on a couple of factors – who’s running it and how it’s set up.

For instance I recommend a couple of proxies/vpns on this site – both of them don’t keep logs, they don’t monitor traffic and delete pretty much everything.   However this is not the case for the vast majority of proxies – some are actually designed to monitor you and control what you can or can’t do online.

The one thing you should remember is – that if you use a proxy server, then all your data is being channeled through that server.  Which is why most businesses make sure their employees surf the internet through a proxy.   They control and configure the proxy so that they have full control of what you do online on their time.

So let’s just be clear, if you are being blocked from accessing your favorite site at work, school or through your ISP, it’s probably because you are being forced to surf through their proxy server.

In this case you will also be requiring one of these if you need to avoid this particular proxy –

Luck – or rather some incompetence. If your client, browser or proxy security is set up badly, it can be fairly easy to avoid a proxy server.

Technical Knowledge – always helps but if you want to bypass the sneaky IT department, the more you know the better.

Security Software – programs like Identity Cloaker have special functions to piggy back existing proxy servers or bypass firewalls. Nothing guarantees that you by can avoid a proxy specifically designed to control your internet access but it’s usually possible.You can always test theories out – for instance the free – trial version of Identity Cloaker allows access to a selection of websites including Facebook.    This site is often blocked by content filters or proxies (usually because people are liable to spend hours on it!) – so test out to see if it works in your environments – the free demo version can be .

Remember a proxy server set up in your work or college – is acting as an intermediary for each client on the network.    As such it knows and records every single site you visit – so if you’ve got something to keep private – don’t do it at work !! Unfortunately there are lots of different ways that proxy servers can be set up, transparent, caching or anonymising for example.  When proxies where first used they were primarily used for speed. They would be set to cache requested pages – so when another client on the network requested the page it could be delivered locally.  This would mean that you would only need to download a page once and then served when required.

Here’s a useful video about – change IP address software that you might enjoy.

They are now used for a whole lot more – a proxy is a vital tool for controlling and configuring access to the internet for any client.  You can use a proxy to block, filter or simply monitor any request passing through it.  Have a look at your browser settings at work, if set up properly you should be blocked from manually changing the settings.   This is a simple first step in making sure that any employees cannot avoid using the proxy server – secure your proxy settings in the browser.  If you’re using Windows then this is normally used by using Windows Group Policy Objects which can tie down all security settings on your client.   Generally not only will this stop people fiddling with their settings, but it will be backed up by firewall rules.   The most common rule set would be that outgoing web traffic is only allowed via the IP address of the official proxy server.  Which is why most people get stuck when trying to be a proxy ninja on their school or company network.

In addition to the installation of a proxy server, most organisations now are rightly paranoid about ‘nasty stuff’ on the net, and so they utilise some sort of additional content filters.  The most common one I’ve come across is from Websense but there are quite a few different ones.   These will monitor online all the traffic and URLs, and block or log according to specific rules and algorithms.  These filters are generally installed on the ‘wire’ and will have access to all traffic on the network.   There’s only one real way to beat a decent filter and that’s to stop it analysing what you’re doing – that means you must use encryption.

It can be via SSL, a VPN or like Identity Cloaker which uses Rjindael-AES 256 bit Encryption over a SSH connection.  It’s difficult to summarise what situation you might find in any specific environment.  In any vaguely secure environment you’ll probably find most stuff I’ve mentioned being implemented.

Of course us Ninja surfers can get round all these issues using a variety of methods from cloaking to fake ip addresses.  Normally it’s not that hard to do usually because of the way a security measure has been implemented. For example you’ll commonly find Internet Explorer locked down very tightly stopping you doing anything.   But then the rest of the client will be neglected and a user can often install a different browser like Firefox which has no such restrictions!!

If an organisation hasn’t stopped you installing a new browser on your PC then it’s unlikely they’ve created any security templates either.   It’s not uncommon to see surprisingly – a super locked down version of IE alongside a completely un-monitored copy of Firefox.  Of course before you start messing around with the Internet at work or college, you should consider your position.   Check out your Internet Use Policy and see what you’re allowed to do – is there something that says you can’t use another browser for example !

It’s a big subject and I’ll cover some more specific scenarios in future posts.  I’ll mostly use Identity Cloaker as it normally has the functionality to bypass most corporate blocks and filters but there are others.   Don’t bother messing around with stupid online web proxies though – they won’t work unless your network admins are particularly stupid.

You may also like...

6 Responses

  1. bob the bail says:

    I have to use the company proxy at work, it’s just how the network is designed. I don’t want to go to any blocked or banned sites, but just want some privacy. How do I stop my company logging every site I visit (including in my lunch hour) or potentially having access to my personal data.

    • says:

      It’s a good question – as you say you cannot avoid using the proxy at work. Basically you need to encrypt your connection, so you have to use a VPN of some sort. You may have access to one at work? Or you could use an external one like Identity Cloaker or setup your own server. This would ensure that your personal details and your web history were not accessible by your company. To make it more secure (and discrete) you can use the function that switches your connection after every few minutes in Identity Cloaker, it hides the fact your always connecting to a specific server.

  2. Gene says:

    Interesting post, thanks. I’ve discovered that I have to go through the college proxy other wise I get blocked – would that stop Identity Cloaker working?

    • says:

      Not necessarily, it’s quite a common network configuration actually. What is probably happening is that the firewall is configured to only allow outbound traffic using the IP address of the proxy. Identity Cloaker has a setting under – Local Proxy that allows you to bypass this. It basically routes your encrypted traffic through the proxy so it can go through the firewall, You’ll need a username and password that allows you to use it though – normally this would be your normal network account though.

  3. Tawanna says:

    haha you’re right, my copy of IE on my work PC won’t let me do anything. Just tried and found Firefox and everything works, absolutely no blocks at all – could surf porn if I wanted (ok I won’t at work!). Thanks !!!!

    • says:

      No worries 😉 It’s quite common, settings will usually be in place to lock down all IE configuration settings, These will also force the browser to use an in-house proxy like IIS which will further monitor and restrict your browsing. But of course none of this applies to Firefox so if you’ve got access to it you’ll be able to use it completely unrestricted. You should check it isn’t being routed through the company proxy as well though, because they may be using that to monitor too. Don’t get yourself in to trouble though !!

Leave a Reply

Your email address will not be published. Required fields are marked *