RE: [squid-users] Anonymizing my "REMOTE_ADDR:" and my "REMOTE_HOST:" from Chris Robertson on 2005-12-07 (squid-users)

From: Chris Robertson <crobertson@dont-contact.us>
Date: Wed, 7 Dec 2005 16:38:24 -0900

> -----Original Message-----
> From: Palula Brasil [mailto:palula@uol.com.br]
> Sent: Monday, December 05, 2005 5:36 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Anonymizing my "REMOTE_ADDR:" and my
> "REMOTE_HOST:"
>
>
> Hi there.
>
> I managed to anonymize Via and X_Forwarded_For. Yay!!!
>
> But now I can't find a way to anonymize the really important headers. When I
> visit a security test site, remote_addr and remote_host still show my real
> IP and hostname.

Is it the IP and hostname of the computer you are using to browse, or the IP and hostname of the computer you are using as your proxy (assuming they are different).

> Can anybody tell me the string necessary for these two
> lines... Here's is an example of how I anonymized my proxy (with the "Via"
> string in squid.conf)
>
> header_access Via deny all
> header_replace Via (STEALTHED)
>
> Meaning that any response of my browser to a Via header will be replaced to
> "(STEALTHED)".
>
> Take a look at this one:
>
> header_access X_Forward_For deny all
> header_replace X_Forward_For unknown
>
> Meaning that any response of my browser to a X_Forward_For header will be
> replaced with "unknown".
>
> I found out that Via represents the name of cache proxiing software and
> version and that X_Forward_To shows the IP address of the machines inside my
> network that are requesting the "site"... So now, these aren't appearing.
> Awsome!!!
>
> But what would be the string that references my valid IP address (i.e:
> 66.147.241.17) and hostname (i.e: 066147241017.userisp.com.country) for me
> to "deny all" and after that change to whatever I want (i.e: 123.231.132.132
> and 123231132132.you.cant.see)?

This is where my confusion sets in. It looks like you don't want anyone to know what IP your proxy is using to talk to the outside world... How would the servers you connect to know where to send responses? In other words, if you are trying to do what I think you are trying to do, be happy with what you have, or use an anonymization service. The IP that you are connecting from will still be available to that service, but (hopefully) they won't keep that information.

>
> Thanks a lot!
> Took a lot of struggle to get here... :-)
>
>

Chris
Received on Wed Dec 07 2005 - 18:38:30 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST