This is A video guide on how simple it is to add sitemeter to your website/webpage.
Monday, May 25, 2009
Tuesday, May 5, 2009
Calculating Offsets
Introduction
This tutorial is more of a tip than a tutorial. It just explains how to calculate offsets for jumps and calls within the program you are patching.
Types of Jumps/Calls
Here I will just describe the different types of jumps and calls which you will come across:
Short Jumps
Short jumps be they conditional or unconditional jumps are 2 bytes long (or 1 nibble if your Californian ;-). These are relative jumps taken from the first byte after the two bytes of the jump. Using short jumps you can jump a maximum of 127 bytes forward and 128 bytes backwards.
Long Jumps
Long jumps if they are relative are 6 bytes long for conditional jumps and are 5 bytes long for unconditional jumps. For conditional jumps 2 bytes are used to identify that it is a long jump and what type of jump (je, jg, jns etc) it is. The other 4 bytes are used to show how far away the target location is relative to the first byte after the jump. In an unconditional jump only 1 byte is used to identify it as a long unconditional jump and the other 4 are used to show it's target's relative position, as with the conditional jumps.
Calls
There are two different types of calls which we will use. The normal type of call works the same as the long jumps in that it is relative to it's current position. The other type gives a reference to a memory location, register or stack position which holds the memory location it will call. The position held by the later is direct e.g. the memory location referenced may contain 401036h which would be the exact position that you would call, not relative to the position of the call. The size of these types of calls depends on any calculations involved in the call i.e. you could do: 'call dword ptr [eax * edx + 2]'. Long jumps can also be made using this method, but I didn't say that earlier as to avoid repetition.
Tables
Here is a brief list of all the different types of jumps/calls and their appropriate op-codes. Where different jumps have the same Op-Codes I have grouped them:
Jump Description Short Op-Code Long Op-Code
call procedure call E8xxxxxxxx N/A
jmp u nconditional jump EBxx E9xxxxxxxx
ja/jnbe jump if above 77xx 0F87xxxxxxxx
jae/jnb/jnc jump if above or equal 73xx 0F83xxxxxxxx
jb/jc/jnae jump if below 72xx 0F82xxxxxxxx
jbe/jna jump if below or equal 76xx 0F86xxxxxxxx
jcxz/jecxz jump if cx/ecx equals zero E3xx N/A
je/jz jump if equal/zero 74xx 0F84xxxxxxxx
jne/jnz jump if not equal/zero 75xx 0F85xxxxxxxx
jg/jnle jump if greater 7Fxx 0F8Fxxxxxxxx
jge/jnl jump if greater or equal 7Dxx 0F8Dxxxxxxxx
jl/jnge jump if less 7Cxx 0F8Cxxxxxxxx
jle/jng jump if less or equal 7Exx 0F8Exxxxxxxx
jno jump if not overflow 71xx 0F81xxxxxxxx
jnp/jpo jump if no parity/parity odd 7Bxx 0F8Bxxxxxxxx
jns jump if not signed 79xx 0F89xxxxxxxx
jo jump if overflow 70xx 0F80xxxxxxxx
jp/jpe jump if parity/parity even 7Axx 0F8Axxxxxxxx
js jump if sign 78xx 0F88xxxxxxxx
Calculating Offsets (finding in the xx's in table)
You will need to be able to calculate offsets when you add jumps and make calls within and to the code you have added. If you choose to do this by hand instead of using a tool then here are the basics:
For jumps and calls further on in memory from your current position you take the address where you want to jump/call and subtract from it the memory location of the next instruction after your call/jump i.e.:
(target mem address) - (mem location of next instruction after call/jump)
Example
If we wanted to jump to 4020d0 and the next instruction *after* the jump is at location 401093 then we would use the following calculation:
4020d0 - 401093 = 103d
We then write the jump instruction in hex as e93d100000 where e9 is the hex op-code for a long relative jump and 3d100000 is the result of our calculation expanded to dword size and reversed.
For jumps and calls to locations *before* the current location in memory you take the address you want to call/jump to and subtract it from the memory location of the next instruction after your call/jump, then subtract 1 and finally perform a logical NOT on the result i.e.
NOT(mem address of next instruction - target mem address - 1)
Example
If we wanted to call location 401184 and the address of the next instruction after the call is 402190 then we do the following calculation:
NOT(402190 - 401184 - 1 ) = ffffeff4
We can then write our call instruction in hex as e8f4efffff where e8 is the hex op-code for relative call and f4efffff is the result of the calculation in reverse order.
If you want to practice with different examples then the best way to do this is to use a disassembler like WDASM which shows you the op-codes and try and work out the results yourself. Also as an end note you don't have to perform these calculations if you have enough room to make your jump or call instruction into an absolute jump call by doing the following as represented in assembler:
mov eax, 4020d0
call eax (or jmp eax)
Final Notes
Make life easier and use a program to do this ;-)
This tutorial is more of a tip than a tutorial. It just explains how to calculate offsets for jumps and calls within the program you are patching.
Types of Jumps/Calls
Here I will just describe the different types of jumps and calls which you will come across:
Short Jumps
Short jumps be they conditional or unconditional jumps are 2 bytes long (or 1 nibble if your Californian ;-). These are relative jumps taken from the first byte after the two bytes of the jump. Using short jumps you can jump a maximum of 127 bytes forward and 128 bytes backwards.
Long Jumps
Long jumps if they are relative are 6 bytes long for conditional jumps and are 5 bytes long for unconditional jumps. For conditional jumps 2 bytes are used to identify that it is a long jump and what type of jump (je, jg, jns etc) it is. The other 4 bytes are used to show how far away the target location is relative to the first byte after the jump. In an unconditional jump only 1 byte is used to identify it as a long unconditional jump and the other 4 are used to show it's target's relative position, as with the conditional jumps.
Calls
There are two different types of calls which we will use. The normal type of call works the same as the long jumps in that it is relative to it's current position. The other type gives a reference to a memory location, register or stack position which holds the memory location it will call. The position held by the later is direct e.g. the memory location referenced may contain 401036h which would be the exact position that you would call, not relative to the position of the call. The size of these types of calls depends on any calculations involved in the call i.e. you could do: 'call dword ptr [eax * edx + 2]'. Long jumps can also be made using this method, but I didn't say that earlier as to avoid repetition.
Tables
Here is a brief list of all the different types of jumps/calls and their appropriate op-codes. Where different jumps have the same Op-Codes I have grouped them:
Jump Description Short Op-Code Long Op-Code
call procedure call E8xxxxxxxx N/A
jmp u nconditional jump EBxx E9xxxxxxxx
ja/jnbe jump if above 77xx 0F87xxxxxxxx
jae/jnb/jnc jump if above or equal 73xx 0F83xxxxxxxx
jb/jc/jnae jump if below 72xx 0F82xxxxxxxx
jbe/jna jump if below or equal 76xx 0F86xxxxxxxx
jcxz/jecxz jump if cx/ecx equals zero E3xx N/A
je/jz jump if equal/zero 74xx 0F84xxxxxxxx
jne/jnz jump if not equal/zero 75xx 0F85xxxxxxxx
jg/jnle jump if greater 7Fxx 0F8Fxxxxxxxx
jge/jnl jump if greater or equal 7Dxx 0F8Dxxxxxxxx
jl/jnge jump if less 7Cxx 0F8Cxxxxxxxx
jle/jng jump if less or equal 7Exx 0F8Exxxxxxxx
jno jump if not overflow 71xx 0F81xxxxxxxx
jnp/jpo jump if no parity/parity odd 7Bxx 0F8Bxxxxxxxx
jns jump if not signed 79xx 0F89xxxxxxxx
jo jump if overflow 70xx 0F80xxxxxxxx
jp/jpe jump if parity/parity even 7Axx 0F8Axxxxxxxx
js jump if sign 78xx 0F88xxxxxxxx
Calculating Offsets (finding in the xx's in table)
You will need to be able to calculate offsets when you add jumps and make calls within and to the code you have added. If you choose to do this by hand instead of using a tool then here are the basics:
For jumps and calls further on in memory from your current position you take the address where you want to jump/call and subtract from it the memory location of the next instruction after your call/jump i.e.:
(target mem address) - (mem location of next instruction after call/jump)
Example
If we wanted to jump to 4020d0 and the next instruction *after* the jump is at location 401093 then we would use the following calculation:
4020d0 - 401093 = 103d
We then write the jump instruction in hex as e93d100000 where e9 is the hex op-code for a long relative jump and 3d100000 is the result of our calculation expanded to dword size and reversed.
For jumps and calls to locations *before* the current location in memory you take the address you want to call/jump to and subtract it from the memory location of the next instruction after your call/jump, then subtract 1 and finally perform a logical NOT on the result i.e.
NOT(mem address of next instruction - target mem address - 1)
Example
If we wanted to call location 401184 and the address of the next instruction after the call is 402190 then we do the following calculation:
NOT(402190 - 401184 - 1 ) = ffffeff4
We can then write our call instruction in hex as e8f4efffff where e8 is the hex op-code for relative call and f4efffff is the result of the calculation in reverse order.
If you want to practice with different examples then the best way to do this is to use a disassembler like WDASM which shows you the op-codes and try and work out the results yourself. Also as an end note you don't have to perform these calculations if you have enough room to make your jump or call instruction into an absolute jump call by doing the following as represented in assembler:
mov eax, 4020d0
call eax (or jmp eax)
Final Notes
Make life easier and use a program to do this ;-)
Tuesday, April 14, 2009
hacking hotel626.com
so here it is.. hotel626.com
its a good game. this is just simple. the game requires you to play at night
but if you want to play hotel626.com at daytime. then all you have to do
is change your system clock from AM to PM. then reload the page in your browser.
and for the unlock code. the madame say tree, light, spider.
then you have to count the red-ones. its all up to you.. so what are you waiting for
try to play www.hotel626.com
make sure you have webcam enabled.. :D
its a good game. this is just simple. the game requires you to play at night
but if you want to play hotel626.com at daytime. then all you have to do
is change your system clock from AM to PM. then reload the page in your browser.
and for the unlock code. the madame say tree, light, spider.
then you have to count the red-ones. its all up to you.. so what are you waiting for
try to play www.hotel626.com
make sure you have webcam enabled.. :D
Saturday, April 11, 2009
AT&T $50 Netbooks
A $50 Netbooks, wow thats cool..
AT&T will begin selling netbooks with integrated wireless Internet cards, selling them for as low as $50 — with a data plan contract, of course. The rollout will begin in Atlanta and Philadelphia.
AT&T is also looking to enter the e-book market, according a company exec quoted by Bloomberg at the recent trade show in Las Vegas hosted by industry organization CTIA Wireless:
Verizon has also expressed interest in entering the e-reader fray, saying it had been approached by five (undisclosed) companies interested in a wireless connection like that of the Kindle.
The takeaway: AT&T's netbook announcement, along with an earlier one from Verizon, suggests these tiny laptops are increasingly being positioned as much as an additional mobile network-connected device as a supplemental computer.
It's unclear if the AT&T exec's remarks on e-readers are anything more than an off-the-cuff response to the success of the Kindle. But the notion of another carrier joining Sprint — the carrier the Kindle uses — in the e-book business is intriguing. Wireless access to content is one of the most compelling aspects of the Kindle, giving it the edge over competitors like the Sony Reader (which we've covered in the past). The other is access to the huge library of e-content — Amazon's 250,000 Kindle titles in the case of the Kindle. And to offer a compelling option to the Kindle, AT&T, Verizon, or any other carrier, will need to find a content partner with a competitive library. It isn't immediately clear who might be able to offer that (perhaps other than Sony, with its Reader library.)
Consumer Reports has no relationship with any advertisers on Yahoo!
Copyright © 2005-2009 Consumers Union of U.S., Inc.
SOURCE: http://shopping.yahoo.com/articles/yshoppingarticles/221/att-to-offer-50-netbooks/
AT&T will begin selling netbooks with integrated wireless Internet cards, selling them for as low as $50 — with a data plan contract, of course. The rollout will begin in Atlanta and Philadelphia.
AT&T is also looking to enter the e-book market, according a company exec quoted by Bloomberg at the recent trade show in Las Vegas hosted by industry organization CTIA Wireless:
Verizon has also expressed interest in entering the e-reader fray, saying it had been approached by five (undisclosed) companies interested in a wireless connection like that of the Kindle.
The takeaway: AT&T's netbook announcement, along with an earlier one from Verizon, suggests these tiny laptops are increasingly being positioned as much as an additional mobile network-connected device as a supplemental computer.
It's unclear if the AT&T exec's remarks on e-readers are anything more than an off-the-cuff response to the success of the Kindle. But the notion of another carrier joining Sprint — the carrier the Kindle uses — in the e-book business is intriguing. Wireless access to content is one of the most compelling aspects of the Kindle, giving it the edge over competitors like the Sony Reader (which we've covered in the past). The other is access to the huge library of e-content — Amazon's 250,000 Kindle titles in the case of the Kindle. And to offer a compelling option to the Kindle, AT&T, Verizon, or any other carrier, will need to find a content partner with a competitive library. It isn't immediately clear who might be able to offer that (perhaps other than Sony, with its Reader library.)
Consumer Reports has no relationship with any advertisers on Yahoo!
Copyright © 2005-2009 Consumers Union of U.S., Inc.
SOURCE: http://shopping.yahoo.com/articles/yshoppingarticles/221/att-to-offer-50-netbooks/
Friday, April 10, 2009
how to remove domino.exe
how to remove domino.exe
the file domino.exe
c:\windows\domino.exe
or
c:\windows\system32\domino.exe
Domino.exe is not a Microsoft Windows file. The program has no visible window. The program starts upon
Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders). The file is an
unknown file in the Windows folder. There is no information about the maker of the file.
the file domino.exe comes from a webcam installer.
either you delete it or not, its up to you, but some virus may hide in domino.exe filename..
so be carefull. some may hide in c:\windows\system32 folder.
To remove domino.exe
on your desktop,. press CTRL + del - this will bring up the task manager
find the process domino.exe the select it the click the end task command button
this will terminate the application domino.exe
now browse from your my computer to c:\windows and find the file domino.exe
from there you can delete the file.
you may need to run a registry scanner to download a registry scanner and cookie removal tool
follow this other haktech guide.
http://haktech.blogspot.com/2009/04/how-to-remove-cookies.html
Haktech guide by mark sheldon wong
http://www.nsfive.net
the file domino.exe
c:\windows\domino.exe
or
c:\windows\system32\domino.exe
Domino.exe is not a Microsoft Windows file. The program has no visible window. The program starts upon
Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders). The file is an
unknown file in the Windows folder. There is no information about the maker of the file.
the file domino.exe comes from a webcam installer.
either you delete it or not, its up to you, but some virus may hide in domino.exe filename..
so be carefull. some may hide in c:\windows\system32 folder.
To remove domino.exe
on your desktop,. press CTRL + del - this will bring up the task manager
find the process domino.exe the select it the click the end task command button
this will terminate the application domino.exe
now browse from your my computer to c:\windows and find the file domino.exe
from there you can delete the file.
you may need to run a registry scanner to download a registry scanner and cookie removal tool
follow this other haktech guide.
http://haktech.blogspot.com/2009/04/how-to-remove-cookies.html
Haktech guide by mark sheldon wong
http://www.nsfive.net
Wednesday, April 8, 2009
how to remove cookies
how to remove cookies - cleaning a cookie
Everyone has heard of cookies, most people love them, especially with milk. But these cookies have got some bad press. But don't worry, the cookie monster won't get you. Here's everything you need to know about removing cookies: Cookies are a technology that enables Web sites to store small bits of information on your hard drive, and then ask for that information back at a later time. They are very small, the maximum allowed is 4 kb per cookie and one site can give you no more than 20 cookies.
To remove cookies from your computer, i am writing this guide, its very simple to do so.
all we need is just a tool available for download here all in 1 cookie cleaner download
Cleans the following:
-all you need to do is download and install, once installed just run the software and boom, you got an all in 1 cleaner..
this is another guide by Haktech.blogspot.com - by: mark sheldon wong
www.nsfive.net
Everyone has heard of cookies, most people love them, especially with milk. But these cookies have got some bad press. But don't worry, the cookie monster won't get you. Here's everything you need to know about removing cookies: Cookies are a technology that enables Web sites to store small bits of information on your hard drive, and then ask for that information back at a later time. They are very small, the maximum allowed is 4 kb per cookie and one site can give you no more than 20 cookies.
To remove cookies from your computer, i am writing this guide, its very simple to do so.
all we need is just a tool available for download here all in 1 cookie cleaner download
Cleans the following:
 | Internet Explorer Temporary files, history, cookies, Autocomplete form history, index.dat. |
 | Firefox Temporary files, history, cookies, download history, form history. |
 | Google Chrome Temporary files, history, cookies, download history, form history. |
 | Opera Temporary files, history, cookies. |
 | Safari Temporary files, history, cookies, form history. |
 | Windows Recycle Bin, Recent Documents, Temporary files and Log files. |
 | Registry cleaner Advanced features to remove unused and old entries, including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... also comes with a comprehensive backup feature. |
 | Third-party applications Removes temp files and recent file lists (MRUs) from many apps including Media Player, eMule, Kazaa, Google Toolbar, Netscape, Microsoft Office, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and many more... |
 | 100% Spyware FREE This software does NOT contain any Spyware, Adware or Viruses. |
-all you need to do is download and install, once installed just run the software and boom, you got an all in 1 cleaner..
this is another guide by Haktech.blogspot.com - by: mark sheldon wong
www.nsfive.net
Tuesday, April 7, 2009
Anonymity of Proxy
Anonymity of Proxy
The exchange of information in Internet is made by the "client - server" model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
a name and a version of an operating system
a name and a version of a browser
configuration of a browser (display resolution, color depth, java / javascript support, ...)
IP-address of a client
Other information
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
a country where you are from
a city
your provider?s name and e-mail
your physical address
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR ? IP address of a client
HTTP_VIA ? if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED_FOR ? if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE ? what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT ? so called "a user?s agent". For all browsers this is Mozilla. Furthermore, browser?s name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST ? is a web server?s name
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, ...). Their quantity can depend on settings of both a server and a client.
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables "hide" from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
According to how environment variables "hided" by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers, etc.
Anonymous Proxies
All proxy servers, that hide a client?s IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client?s IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = random IP address
High Anonymity Proxies
These proxy servers are also called "high anonymity proxy". In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing ? proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
-Haktech
The exchange of information in Internet is made by the "client - server" model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
a name and a version of an operating system
a name and a version of a browser
configuration of a browser (display resolution, color depth, java / javascript support, ...)
IP-address of a client
Other information
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
a country where you are from
a city
your provider?s name and e-mail
your physical address
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR ? IP address of a client
HTTP_VIA ? if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED_FOR ? if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE ? what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT ? so called "a user?s agent". For all browsers this is Mozilla. Furthermore, browser?s name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST ? is a web server?s name
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, ...). Their quantity can depend on settings of both a server and a client.
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables "hide" from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
According to how environment variables "hided" by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers, etc.
Anonymous Proxies
All proxy servers, that hide a client?s IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client?s IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy IP
HTTP_X_FORWARDED_FOR = random IP address
High Anonymity Proxies
These proxy servers are also called "high anonymity proxy". In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED_FOR = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing ? proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
-Haktech
Subscribe to:
Posts (Atom)