HOW in the HELL did they FIND me?

X-No-Archive: Yes

My proxy was found by script-kiddies, using port scanning, and is now in a lot of public proxy lists. While I advertise my proxy on my web site, I took great care to keep it OFF the myriad of public proxy lists, so I would not show up in any proxy blacklists. I thought that by keeping my proxy AWAY from ports 80, 81, 1080, 3128, 8000, 8080, 8081, 8118, or 9050, someone using a proxy scanner would NOT find my proxy. I always thought that the hacker toolz that scanned for open proxies would ONLY use those aforementioned ports, and proxies on ports other than those would NOT be found by the script kiddies.

In the past hour or so, since my proxy appeared in some of the major lists, my server has been JUMPING with connections to my proxy, and many of them from corporate addresses ALL OVER the United States and Canada. From just ONE workplace, there have been DOZENS of connections going to my Tor entry proxy. I had 14 workers at one company, in New Hampshire, connecting to my proxy at once. This one company in NH that has a subscription online gaming service has 6 active connections to my proxy right now, as I am writing this. And these are INCOMING connections from their network into my proxy. Since it's a Tor proxy, I don't know where they go beyond my machine, since I am only a Tor entry proxy, which allows people from any environment, where the machines are locked down, to be able to get onto the Tor network, without having to use the software. Anybody with an always-on connection can do this. You just simply install the Tor software, and configure it to be publicly accessible from anywhere in the world, and, voila!, you have an entry point onto the Tor network, allowing people to use Tor, without having to install the software.

I cannot figure out how my proxy could be found through scanning toolz, when I specifically keep it OFF the ports that proxies typically use, so that I will NOT be scanned, and appear in any of the proxy lists.

Reply to
Chilly8
Based upon your Subject, you appear to be a bit annoyed at this mass use of your system resources. If so, then you should not be, since you have made it clear that you consider use of network resources without specific authorization to be valid and justified and not a crime or punishable as long as no password was broken. It was, in your framework, your fault for failing to lock down your access sufficiently, not anyone's fault for taking advantage of that insufficiency.

Reply to
Walter Roberson

It's not that. It's the fact that I will likely be placed in the proxy blacklists. The various proxy lists are where the blacklists are compiled from, and I will likely be blocked at many corporations within the next few days. The use of resources does not concern me as much as the likelihood of getting added to proxy blacklists, and being blocked on many corporate networks now. I had far more than the load I have now, during Cyber Monday, last November.

Like I say, it's not the use of resources that gets me, it's the fact that I will appear on proxy blacklists, and be blocked, the next time companies update their filtering lists.

Reply to
Chilly8

Tough.

Well now you know it's not true, don't you.

You're complaining about people (mis)using your connection's resources when you actively enable other people to misuse their (corporate) resources?

Doesn't that strike you as a little, um, hypocritical?

Chris

Reply to
Chris Davies

Based upon your Subject, you appear to be a bit annoyed at this

Well, I hope it ups Chilly's internet charges.

Reply to
Flash Gordon

It is NOT that. It is the fact that the makers of proxy blacklists compile their lists from all the lists of public proxies that exist. This means that my proxy will soon be on a lot of blacklists and will be blocked on filtering systems used on many corporate networks.

The ONLY reason my proxy has been usable in corporate environments is because it was NOT on any proxy blacklists. Now, because I AM in the proxy lists, I will soon be on a lot of corporate proxy blacklists, just as soon as their filtering lists are updated.

Reply to
Chilly8

Holy SHIT!!!!

I have been watching what has been going on for a few hours now. As the workday is under way in Asia and Australia, I see an INCREDIBLE number of connections to my proxy coming from corporate networks all over Australia and Asia. They managed to find one filtering proxy we use here at the station. We DO block p*rn, but users are using THAT proxy to access all kinds of sites. Looking at the real-time monitoring of where people are going, they are surfing ALL kinds of sites from work. I have seen connections to dating sites, entertainment sites. People are accessing all kinds of blogging sites. A lot of people are surfing MySpace from work. I have a NUMBER of connections to Live 365 and Pandora stations. People are listening to Pandora from work, as well, and in large numbers. The Live 365 stations being listened to vary quite a bit. People are watching basketball games on NBA League Pass, on NBA Broadband. The NBA is quite popular in China (CCTV5 has a lot of it at times). In short, some people in China, right now, are watching basketball.

I am seeing a LOT of hits to YouTube, and other video sites. People like to surf that from work, it appears.

The O'Reilly Factor is apparently a popular show. TVU has a 24-hour stream of Fox News Channel, and enough people were tuning in to the O'Reilly Factor, from work, by way of my proxy, that the proxy software broke under the load. In the workplaces where the O'Reilly Factor was being watched, the boss would know that someone was pulling about 300K of bandwidth from a strange address, but would NEVER know what that user was up to. In other words, that boss will have no CLUE that someone was watching the O'Reilly Factor, using the company network.

They will see 300K from a server in France (I now have my server at a colocation facility in France), but will have no CLUE to what that person was doing.

Reply to
Chilly8

You were wrong. :-\

You've learned (the hard way) the security adage "Security through obscurity is neither as secure nor as obscure as you'd like to imagine."

Nope.

nmap -sV (as just one example) does service fingerprinting, poking at the port with a variety of greetings looking for it to respond to one.

Surely someone has cut down such functionality to simply look for things matching a proxy fingerprint and turned it loose on ip address ranges and looking at all ports.

If you offer a service on a port publicly, it will be found. Without restricting connections by IP, requiring authentication somehow, or port-knocking to dynamically open it up, I'm not sure how you'll stay off the lists. The cat's kinda out of the bag, I'm afraid.

Best Regards,

Reply to
Todd H.
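
The contrast drawn in the post above between an unusual port number and real access control, as an added example (not code from any poster in the thread): a toy loopback listener on an OS-chosen port is identified as a proxy from its reply to one probe, while the same listener behind a source-IP allowlist gives the probe nothing to classify. The toy listener, the probe string and the allowlisted address 192.0.2.10 are constructed for illustration.

```python
import socket
import socketserver
import threading

# Constructed probe: an absolute-URI request, which only a proxy is meant to serve.
PROBE = b"GET http://example.invalid/ HTTP/1.0\r\n\r\n"

def make_handler(allowed_ips):
    class ToyProxy(socketserver.BaseRequestHandler):
        def handle(self):
            # Source-IP allowlist: drop the peer before sending a single byte.
            if allowed_ips is not None and self.client_address[0] not in allowed_ips:
                return
            self.request.recv(1024)
            # A forwarding proxy announces itself whatever port it listens on.
            self.request.sendall(b"HTTP/1.0 502 Bad Gateway\r\nVia: 1.0 toy-proxy\r\n\r\n")
    return ToyProxy

def start_listener(allowed_ips=None):
    """Start the toy listener on an OS-chosen (non-standard) loopback port."""
    server = socketserver.ThreadingTCPServer(("127.0.0.1", 0), make_handler(allowed_ips))
    server.daemon_threads = True
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def fingerprint(port, host="127.0.0.1"):
    """Probe our own listener and classify the reply: proxy, other or silent."""
    try:
        with socket.create_connection((host, port), timeout=2) as s:
            s.sendall(PROBE)
            reply = s.recv(1024)
    except OSError:  # reset, refused or timed out: nothing to fingerprint
        reply = b""
    if not reply:
        return "silent"
    headers = reply.lower()
    return "proxy" if b"via:" in headers or b"proxy-" in headers else "other"

def audit():
    # First listener relies on the odd port only; second adds the allowlist.
    servers = [start_listener(), start_listener(allowed_ips={"192.0.2.10"})]
    try:
        return tuple(fingerprint(s.server_address[1]) for s in servers)
    finally:
        for s in servers:
            s.shutdown()
            s.server_close()

if __name__ == "__main__":
    print(audit())
```
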

The IT department at my work would be positively livid at that amount of bandwidth being used outside of authorized FTP transfers. I can guarantee that they would cut off internet access to that workstation very quickly, and the employee doing so would have a second, and possibly third asshole. Most likely fired, too. I could see warnings about listening to music while doing work, but it's hard to do work while watching TV...

Reply to
Ryan P.

You have published on your web site. Just google for proxy and search the results for URLs or similar and someone will find it. Or someone accidentally found your web site and entered it manually. Or your IP address (do you have a static or dynamic one) had been fully scanned for open ports and after you know all open ports it is very easy to identify the major services on those ports (HTTP/S, SMTP/S, POP/S, IMAP/S, etc.)

[interesting things on traffic through proxy]

Sidenote: those things you have found out about the people who use your proxy (and you could find out more about them) are exactly the reason why in general proxies won't really help you with anonymity unless you fully trust the person who runs the proxy. But we had this discussion just a short while ago...

Gerald

Reply to
Gerald Vogt

And we keep telling you that you don't know anything about networking, don't know anything about security, don't know anything about anything you post here about - but you won't listen to us.

It's simple to find anything running on a server/network, you're just too stupid to be ethical and it's going to get you found every time.

Reply to
Leythos

LOL, and you were already blocked by most corporations, as most of them have properly secured networks.

So, for the numbers of companies that use block lists, you will now show up on theirs too, but the sad part is that many companies don't lock down their networks well enough.

I hope that the group that found you continues to scan for your services (not that they care about you actually) and post it in block lists.

Network admins have a right to block content from their networks, and your content is the best type to block.

Reply to
Leythos

I know that block lists are based on what shows up in the proxy lists. If I turn off my proxy for a few days, I will disappear from the proxy lists, and will, hence, be dropped from the proxy blacklists, since they go on what are on the various lists of open proxies all over the Net.

It was interesting to see what addresses people are connecting to. I must say people from corporate addresses were connecting to a variety of sites. A lot of people were connecting to MySpace from work. People were connecting to dating sites from work. It seems that eHarmony is surfed from work quite a bit.

But the biggest surprise, from Australian workplaces, was just how many people were coming through my proxy to watch the O'Reilly Factor, from work, through the TVU P2P television service. The boss would know that someone was consuming 300K of bandwidth from my proxy, but he or she would NEVER figure out that someone was watching Bill O'Reilly from work, during the Australian workday. The times he comes on correspond to the working hours in Australia, and these employers whose networks were being used to watch O'Reilly will NEVER know what was going on.

Reply to
Chilly8

Hi,

Chilly8 wrote:

Wrong.

Easy.

Scan over IP addresses (for found IP addresses)
Scan over ports (for open ports)
Analyse protocol signature

Cheers, Jens

Reply to
Jens Hoffmann

but it's OK, because they're encrypted, and you and your imaginary engineers will NEVER KNOW what's in the traffic - and will just ignore it.

Of course - now mommy is going to be angry with him, and might start restricting his access to the computer - he won't be able to watch those girl figure-skaters who wear those short skirts so you can see their legs when they spin, or stretch out and glide.

but it's all encrypted, and he has NO IDEA how to do anything about it.

Yeah, his mommy is going to be really unhappy with him for that. Well, there goes his imaginary Internet business.

Sheesh!

Old guy

Reply to
Moe Trin

It is NOT my internet costs that have me in a lather. It is the fact that my proxy is now going to be on proxy blacklists. I am solving this, however, by turning off my proxy for a few days, until the public proxy lists (which test proxies regularly), see my proxy as no longer working, and drop me from the lists. The filter makers that compile proxy blacklists use the public proxy lists from sites like Proxy4Free, Alive Proxy, etc, etc, to compile their lists from. Once I am off the public lists, I will be dropped from the proxy blacklists.

And I DO filter p*rn, at my radio station, and someone found that filtering proxy. The ONLY categories of content I have turned on are p*rn and gambling. It is our policy NOT to block anything else. That proxy, unlike my Tor entry proxy, was NOT meant for public consumption.

Reply to
Chilly8

Which is where it belongs, and it will remain on them for a long time.

Unethical actions lead to bad things - you deserve to be shut down for your lack of ethics.

Reply to
Leythos

I will ONLY remain on the blacklists as long as I remain on the public proxy lists. Once the makers of the proxy blacklists test my site, and find my proxy not there, I will be dropped from the blacklists.

Reply to
Chilly8

getting off takes a LOT longer than getting on.

Reply to
Leythos

I'd file that assumption in the "suspect" bin along with your prior assumption that they'd only be looking on usual ports.

You may find yourself blacklisted for longer than you assume.

Reply to
Todd H.
