Why block web hit counters?

X-No-Archive: Yes

Well, I just found out another reason why StatCounter and the firewall logs do not always match. THere are many web-based proxies as well, which also solves the riddlle of why I get hits from servers on server colocation centres around the world, and why so many hits from Yahoo addressed. After doing some investigation, I find that most sites running PHPProxy are set be default to block the "pings" to sites, such as StatCounter, that record such information, and that a lot of these hits coming from server farms all over the place are occurring during the workday in America.

It appears that to evade even so called "secure" networks, such as those you say you create, they are paying the costs of colocating a server at a colocation facility somewhere, and then putting something like PHPProxy on those machines, and then surfing the net from work, through those web-based proxies. Becusae its on a server farm, most filter, like Moe used to mention on here, where his firm blocks all known residential IP blocks, are not going to catch this, becuase these web based proxies are located in server colocation facilities, that are on business-related IP blocks. Though server farms are aimed towards businesses, they will sell to any indiviual willing to pay the rather exorbitant monthly charges. And also, many residential IPs are going not going to be caught, becuase business-level DSL service has now come down to more sane prices over the past several years. They are still quite a bit higher than residential services, but business service with 6 megs download and 768K upload can be had now for as little as $75 per month, from some American DSL Internet providers, and even less if you sign up for a one-year term, some companies will give you such service for as little as $59 per month. This means that someone could evade a system, like Moe's that blocks known residential blocks, by getting this new lower-priced business internet service into their homes.

By default many web proxy programs block hits to web counter and logging services, and block many cookies, which does, of course, make it harder for someone to listen to me through Live 365, becuase the changed the rules last April and prohibited direct links to listen to third-party players and only allowed linking to the Live 365 web-based player, from web pages. Of course an astute user can still get the direct URL for third-party players, and jot that down at home before leaving for work in the morning. There are a number of programs freely available on the Net that will monitor your computer's traffic in real time, and the direct-link IP and port to my Live 365 station (or any other Live 365 station) can be found fairly quickly. The only caveat is that if the station is only available to VIP subscription listeners, this method will not work.

Simply put, someone could, at this very moment, be using one of these web-based proxies to bypass your filters/firewalls, right under your nose, and you will have no CLUE as to what they are up to.

It appears you don't understand network security - it's very simple to block access to unapproved websites - in fact, a good security method is to block access to all sites and only allow access to those sites necessary for business.

LOL - Not a chance chumpy.

Thanks for stating the obvious.

X-No-Archive: Yes

Three is now a new and EXPENSIVE anoymizing/proxy service on the marker now ($200 per month) that is the most elite anonymising network ever devised. They designers have made it where the proxies in the network have virtually no chance of showing up in any proxy blacklists, so even "secure" networks like yours could be vulnerable to these new proxy services, where users can bypass virtually any measure in existence to stop them. This site uses uses encrypted that goes beyond military grade, so all thet traffic to the network is encrypted. This is no POSSIBLE way you are goning to be able to stop this for a few years. Your security meaures will become USELESS against this new service, becuase proxy detectors will not likely have these proxies in their filtering lists, as only subscribing members to access them.

snipped-for-privacy@hotmail.com wrote in news:1189982433.445255.244120 @o80g2000hse.googlegroups.com:

All it takes is for one admin to subscribe and use the service to figure it all out and then disclose (anonymously, of course) the information for other admins to use. Not like it hasn't happened before.

Sheesh, I'm just a home user on one computer and I can figure this out....

Brian

However, these for-pay proxy services run differently than you average open proxy or anonymizer. Insted of putting a list on the web, and requiring you to change settings on your browser, you run a piece of client software, and then select the paremeters, such as appearing to be from a certain country, and then it launches IE (or just about any other program) under the anonymizing service. It randomly selects a proxy, based on your criteria, and then connects you through that proxy. The service I use is very user-friendly. This makes it far more difficult ot bllacklist EVERY proxy on the system. By using the service I use (run out of Bajamar, Mexico), you would have your network admins playing "whack a mole", trying to block you.

The ability to specifiy by country is very handy, allowing be to listen to Pandora, from outside the United States. I simply tell the client software to connect me to a proxy in the United States, and then I hit Pandora's site, and I can listen. I do the same thing for Capital Radio in London (restricted to British listeners), I just tell the client program to find me proxies on the network in the United Kingdom, and, within moments, I am listening to Capital FM in London, circumventing the geographical restrictions. Neither Capital FM. I also do this to listen to Clear Channel stations, when outside the U.S., which have also been restricted to U.S. listeners.

Wrong, your solution would be blocked, by default, on properly secured networks.

Chilly, you're a complete idiot - if the users can't get to the non- approved site to start with, they can't make use of the proxy service no matter what IP/address it's at.

A properly secure network blocks all unapproved access for users - so, that means that unless the site is approved by management or I.T., you can't reach it, period, nada, never, no way.

It's that simple dude. You have no hope of screwing your listeners on a properly secured network, not to mention that they would still be detected by any entry level security type.

X-No-Archive: Yes

There is one way I discovered quite by accident. Becuase the PPLive P2P TV service blocks its movie channels to those outside of China (and does a damn good job of it as well), I have to use some pretty heavy countermeasures. When I was using Proxifier to watch Shrek 3, on one of their movie channels, I discovered, when I turned on my anonymity service, that the bits bounds for the subscription anonymity service I was using were being intercepted by Proxifier and being stuff down the open proxy I was using in China.

This could also be used to make anonymity services tunnel right throgh the company proxy, since the bits will be stuffed down whatever proxy that Proxifier is configured to use. So one could install proxifier on their office PC, configure it to use the company proxy, then launch the client software for whatever anoymity service they are using, and Proxifier will intercet and reroute the bits through the company proxy, before they reach the anonymity service. So the proxifier software, combined with ANY anonymity service, can tunnel through ANY corporate proxy, that the proxy addresses, becuase they are random and change often will not likely be in your vendor's filtering list. You launch Proxifer first, then launch the client program for your anonymity service.

One word of caution, though, Proxifier will attempt to stuff EVERYTHING down whatever proxy you are using, so if you need to access any local resources on your office network, you will have to shut down the Proxifier program, or it will attempt to access office network resources by way of whatever proxy Proxifier is set to use. If you decide to go this route, do remember to shut down Proxifier before attempting to use any local network resources on your office network, or they will likely be inaccessible (unless you have some inept admins that make file and printer sharing acessible from the entire Internet).

So, now you support people using something that will DISRUPT a company network.... Good job, idiot.

I have a new solution. I just added TVU the talk show and sports events we cover, and our listenership has gone up, during times when the TVU feed is active. Becuase of the way that TVU works, it would be very difficult to block the TVU stream of our stations. While TVU is meant for online TV broadcasting, it works well for online radio as well. I just finished the first talk show of mine with the TVU feed as one of the feeds offered, and many corporate networks in Hawaii, Australia, and Asia were tuned in. I also saw a lot of connections to my TVU stream coming from Tor nodes, so TVU will apparently interface well with Tor. There is one P2PTV related site that gives instructions how how to bypass filtering and use virtually any of the P2P TV programs out there now (and there are probably a few dozen such networks out there now) with an open proxy server. I tested them and it really works, which is why I added TVU, and intend to add other P2P feeds for my talk show and our sports programming later on. Sopcast, PPMate, PPStream, etc, are many other services that now sell broadcasting subscriptions, allowing us to expand our reach and avoid filtering/montoring in most schools, corporations, and institutions, around the world, becuase of the way these P2P radio and TV networks work.

That just proves that you don't really know how security works, how streaming works, how easy it is to block. Trust me, your unethical hack sites can't be seen from properly secured networks.

X-No-Archive: Yes

Well, my trick of tripping up Websense, Bess, Sentian, WebWasher and SurfContol is producing results. As I am writing this, someone working at a bank in Walnut Creek, Ca, and it is a major corporate bank, that does use filtering software. Someone is listening to my station while working at that bank, so that shows my trick to freak out filtering software from the major filtering software vendors is working, if someone from a Fortune 500 company can access my radio station.

It's not a trick, it's a know issue and the admins at those companies that allow their users access are just not concerned.

Blocking your unethical hack site is simple, and it doesn't require any "web blocking" services.