Re: [squid-users] Anonymizing my "REMOTE_ADDR:" and my "REMOTE_HOST:"

From: Palula Brasil <[email protected]>
Date: Thu, 8 Dec 2005 09:57:49 -0200

"Is it the IP and hostname of the computer you are using to browse, or the
IP and hostname of the computer you are using as your proxy (assuming they
are different)."

No the IP that is showing is the IP and hostname of the proxy server. Before
creating the line header_access *.*, the IP and hostname of my internal
machine were showing but now they aren't. :-)

"This is where my confusion sets in. It looks like you don't want anyone to
know what IP your proxy is using to talk to the outside world... How would
the servers you connect to know where to send responses? In other words, if
you are trying to do what I think you are trying to do, be happy with what
you have, or use an anonymization service. The IP that you are connecting
from will still be available to that service, but (hopefully) they won't
keep that information."

You're right. I thought Squid could anonymize the IP address and the name of
its own machine but I was wrong. ... "How would the servers you connect to
know where to send responses?" -- seems a real silly question now.

Thanks a lot Chris! :-)

----- Original Message -----
From: "Chris Robertson" <crobertson@gci.com>
To: <squid-users@squid-cache.org>
Sent: Wednesday, December 07, 2005 11:38 PM
Subject: RE: [squid-users] Anonymizing my "REMOTE_ADDR:" and my
"REMOTE_HOST:"

> -----Original Message-----
> From: Palula Brasil [mailto:palula@uol.com.br]
> Sent: Monday, December 05, 2005 5:36 PM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Anonymizing my "REMOTE_ADDR:" and my
> "REMOTE_HOST:"
>
>
> Hi there.
>
> I managed to anonymize Via and X_Forwarded_For. Yay!!!
>
> But now I can't find a way to anonymize the really important headers. When
I
> visit a security test site, remote_addr and remote_host still show my real
> IP and hostname.

Is it the IP and hostname of the computer you are using to browse, or the IP
and hostname of the computer you are using as your proxy (assuming they are
different).

> Can anybody tell me the string necessary for these two
> lines... Here's is an example of how I anonymized my proxy (with the "Via"
> string in squid.conf)
>
> header_access Via deny all
> header_replace Via (STEALTHED)
>
> Meaning that any response of my browser to a Via header will be replaced
to
> "(STEALTHED)".
>
> Take a look at this one:
>
> header_access X_Forward_For deny all
> header_replace X_Forward_For unknown
>
> Meaning that any response of my browser to a X_Forward_For header will be
> replaced with "unknown".
>
> I found out that Via represents the name of cache proxiing software and
> version and that X_Forward_To shows the IP address of the machines inside
my
> network that are requesting the "site"... So now, these aren't appearing.
> Awsome!!!
>
> But what would be the string that references my valid IP address (i.e:
> 66.147.241.17) and hostname (i.e: 066147241017.userisp.com.country) for me
> to "deny all" and after that change to whatever I want (i.e:
123.231.132.132
> and 123231132132.you.cant.see)?

This is where my confusion sets in. It looks like you don't want anyone to
know what IP your proxy is using to talk to the outside world... How would
the servers you connect to know where to send responses? In other words, if
you are trying to do what I think you are trying to do, be happy with what
you have, or use an anonymization service. The IP that you are connecting
from will still be available to that service, but (hopefully) they won't
keep that information.

>
> Thanks a lot!
> Took a lot of struggle to get here... :-)
>
>

Chris
Received on Thu Dec 08 2005 - 05:57:47 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 31 2005 - 12:00:02 MST