Results 1 to 1 of 1

Thread: When You Think You Surf Anonymously But You Don’t

  1. #1
    Mike-XS's Avatar
    Mike-XS is offline XeroAgent
    Join Date
    Sep 2009
    Location
    OZ
    Posts
    209
    Thanks
    30
    Thanked 109 Times in 71 Posts

    When You Think You Surf Anonymously But You Don’t

    Hi, here's a very interesting article below about the use of Glype proxies and the insecurity issues that result from logging proxy users traffic and not protecting your logs from unauthorised access.

    Unfortunately if you are using the default Glype .htaccess file, your site is at risk because it lacks any kind of security protection to stop strangers from looking at your logs.

    The Glype .htaccess has option -indexes, which only prevents a directory listing of the files, it does not restrict unauthorised access or prevent anyone from loading the log files if they already know what to look for.

    You should really add the following line to your .htaccess file to start securing your logs file directory and stop strangers from reading your log files.

    deny from all
    By placing this .htaccess file in the /tmp/ directory it will protect both /logs and /cache from unauthorised access.

    This will now give a 403 Forbidden error to everyone who tries to load your proxy logs, instead of the limited directory listing with the default .htaccess. You can still access the logs through the Glype admin or via FTP without any problems..

    403 Permission Denied
    You do not have permission for this request /tmp/logs/
    Do it now please. Then test that your logs are secure.



    --

    Please read the full article.
    When You Think You Surf Anonymously But You Don't | abuse.ch

    When You Think You Surf Anonymously But You Don’t
    -

    *** The facts ***

    Fact is that there are a lot of insecure servers out there running Glype: I was able to retrive the logs of several Glype proxies – and the results are really interesting.


    But such proxies are becoming a problem as soon as they are used by employees of governmental and military organistaions (like shown above):

    These proxies could be a great resource for terroristic organization and foreign intelligence services!

    Many of the governmental traces I’ve seen are on facebook – so I was able to catch the names of employees of various governmental and military organizations. To show you the threat of such ‘information’ I will make real example which I saw in those logfiles


    *** Glype proxies as security risk ***

    As I already pointed out I don’t see a problem in users bypassing internet censorship per se.

    They just have to know that they don’t really surf anonymously when they use such script based proxies (like Glype) and that those logfiles are propably accessible by anyone from anywhere.

    But such proxies are becoming a problem as soon as they are used by employees of governmental and military organistaions (like shown above): These proxies could be a great resource for terroristic organization and foreign intelligence services!

    Many of the governmental traces I’ve seen are on facebook – so I was able to catch the names of employees of various governmental and military organizations. To show you the threat of such ‘information’ I will make real example which I saw in those logfiles.

    You might have noticed that I mentioned Ministry of Foreign Affairs before (of a country which I won’t name here). While checking the logs I just came across a user who surfed on Facebook. The Logfiles provides a link to a profile of a employee of the Ministry of Foreign Affairs.

    When I checked the profile, I just noticed that this user is obviously a employee of the Security Service at the Ministry of Foreign Affairs.

    In fact, this person is now a high value target for terroristic organization and foreign intelligence services who are now able to get personal information about this person easily.

    This allows them to apply pressure and blackmail the person in order to gain access to classified information and documents.

    *** Conclusion ***




    My research on these Glype proxies allow me to make the following conclusions:
    • Glype- (and other script based proxies) aren’t really anonymous
    • You don’t who runs these proxies
    • Most users for those proxies just want to bypass internet censoreship of their country or schools/universities
    • But there are many users from governmental and military organizations using those proxies too
    • In those cases you may be able to hide your web traffic from your administrator but you will leave traces in other places which are probably a threat of your whole company!
    • Administrators and security folks have to know about these risks and have to adopt compensating measures and/or providing awareness to its users
    • If you run such a Glype proxy you have to know that you will propably be responsible for any illegal activites which are passing your proxy. Are you sure that your Glype proxy is not being abuse to access ilegal content like Childporn?

    ---
    Last edited by Mike-XS; 12 May, 2010 at 12:58 PM.

Similar Threads

  1. Get Your Blog Read - Don’t Miss Out
    By Sami4u in forum Blogging
    Replies: 4
    Last Post: 2 April, 2010, 08:13 AM
  2. Don’t Waste Money on Email Marketing
    By m42 in forum Promoting
    Replies: 9
    Last Post: 1 July, 2009, 15:16 PM
  3. Don’t laugh, if you can!
    By Suman in forum General Chat
    Replies: 7
    Last Post: 5 June, 2009, 23:28 PM
  4. how much do you surf the web ?
    By mega in forum General Chat
    Replies: 3
    Last Post: 14 May, 2009, 23:27 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •