OFF: anonymizers (was Re: NIK: HW: Burg Herzberg etc.)
Drill
drill.0010.1011.1100 at GMAIL.COM
Fri Jul 22 15:10:44 EDT 2005
On 7/22/05, Arin Komins <akomins at uchicago.edu> wrote:
> On Fri, 22 Jul 2005, Drill wrote:
>
> :Subject: Re: NIK: HW: Burg Herzberg etc.
> :
> :Does that work? Someone showed me a way to employ international proxy
> :servers but I don't remember the details or how it could be so
> :effective. I can't use anything useful with the free anonymizer,
> :specifically email and internet-phone relay services. But tangible
>
> [snip]
>
> :> Is it okay if we use it to send harassing e-mail to people when
> :> necessary (logged in via anonymizer.com, naturally)? >;-)
>
> [snip]
>
> Web anonymizers work brilliantly if you are using web-based mail clients.
> If you are using POP(S), IMAP(S), or MAPI (for you Exchange-loving fiends
> out there), then anonymizing is a bit more tricky. If you are in a
> SMTP-AUTH scenario, then perhaps you want to rethink the need to anonymize
> ;-)
>
> If you want to do your own anonymization for web-based mail products (or
> web surfing in general), you can download and use one of the handy-dandy
> web proxy tools (normally used for security research). I happen to like
> webproxy (used to be free from the now defunct Lopht/atstake crew) and
> webscarab (from owasp.org.)
Clueless at the time but I remember when Lophtcrack was the new heroic
thing to the hackers.
Almost got to watch someone test it on one of the university computers
but they were too late to the punch, I guess thanks to all the
attention around the issue the IT office picked up the slack real
fast!
>
> Remember to set up your own regex's, though, for anonymity, as by default
> most proxy tools don't remove your identifying info. I'd also change the
> user agent strings, just in case someone is blocking your particular proxy
Important stuff I'll need to look into it more not having any cohesive
foundations in the subject. Played with a few tools like NMap and a
security themed diagnostics package (Helix) but didn't have any ideas
for what to do with them! Knowing how to surf anonymously though seems
like something too sensible to put off forever.
> ;-)
>
> Arin
> (web application security person by day ;-) )
> --
> ------------------------------------------------------------------
> Arin Komins akomins at uchicago.edu
> Assistant Director/ENSS
> University of Chicago/NSIT/ENSS tel: (773)834-4087
> 1155 E. 60th St. #418 Chicago, IL 60637 fax: (773)702-0559
> ------------------------------------------------------------------
>
--
Rotary Clench Mars Human Exchange & Suicide Program
- Kill All Humans
More information about the boc-l
mailing list