Greetings, On Sun, 11 Apr 1999, DaRk[V]0c wrote: > Let's say you have a network and a firewall which links this network to > the external world. In the anonymizer service, the proxy is OPTIONAL, > that is, packets do not necessarily have to go trough the proxy. In a > network-firewall case, packets MUST go trough the firewall. It's not > phisically on logically possible that packets go around that. Therefore, > the anonymizing service keeps still. What you say about the capabilities of the firewall is true, in the sense that the JavaScript exploits will reveal the firewall's address instead of the user's address. However, the Java exploit will execute on the user's machine, and hence know its IP address. This information CAN be passed back through the firewall. Many companies which use firewalls, also use non-routable addresses for the machines protected by them (such as 192.168.*.*). Such information is not very useful to a third party unless they can identify which network (e.g. the firewall's address) the internal address belongs to. Firewall address + user address is probably enough to identify an individual user in this case. However, from the descriptions of the exploits, the use of JavaScript (to obtain the firewall address) and the use of Java (to obtain the client address) appear to be mutually exclusive in some cases. In other cases, or with other services, they are not exclusive and it would be possible to obtain both. In any case it is simply impossible to be completely anonymous on the Internet, because packets must find some way to reach the client. The fact that anonymising services do not keep logs of their users, makes tracing significantly harder, but what if an anonymiser was hacked? The hacker would make light work of identifying individual users. IMHO, nobody should ever rely on being completely anonymous on the web. I agree with the original poster that anonymising services should remove all Java and JavaScript from all web pages. However, the way that these services work, relies on certain assumptions which may not always be true. A better way to run an anonymiser would be as a real proxy server, to ensure that all web transactions were required to pass through it, but this would be harder to configure and use. Ciao, Chris. ___ __ _ / __// / ,__(_)_ | Chris Wilson <gccat_private> Unix+Net+SQL+Java+RC5 | / (_ / ,\/ _/ /_ \ | Phone: England 01223 477360 (until June 1999) | \__//_/_/_//_/___/ | Pager: England 07654 336007 (until I lose it) |
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:42:38 PDT