LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 03-02-2006, 12:22 PM   #1
ilan1
LQ Newbie
 
Registered: Jan 2006
Posts: 18

Rep: Reputation: 0
/etc/hosts and hosts.deny question


Sometimes, when I am surfing the web, I will use an anonymous proxy but
I can tell that the site I am visiting knows my IP through various javascript
and other tricks.

Is there an easy way to use /etc/hosts and/or hosts.deny so that ALL the
traffic on my machine is forced to go through the proxy?

Thank you.

Ilan
 
Old 03-02-2006, 01:11 PM   #2
uteck
Member
 
Registered: Oct 2003
Location: Elgin,IL,USA
Distribution: Sidux, LinHES, and Mythbuntu
Posts: 209

Rep: Reputation: 32
/etc/hosts just lets you assign a name to an IP, and using hosts.deny will not work since the javascript is running over port 80, so would have to block it which means no web access to that site.
Your best bet would be to turn off javascript.
 
Old 03-02-2006, 06:22 PM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
if you use the firefox web browser, then the noscript extension might come in handy for this kinda thing: http://www.noscript.net/

however, keep in mind that sometimes javascript can give the appearance that a site knows your IP, when in reality it doesn't - it's just the script running locally on your box which is printing your IP...
 
Old 03-04-2006, 03:04 PM   #4
ilan1
LQ Newbie
 
Registered: Jan 2006
Posts: 18

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by win32sux
if you use the firefox web browser, then the noscript extension might come in handy for this kinda thing: http://www.noscript.net/

however, keep in mind that sometimes javascript can give the appearance that a site knows your IP, when in reality it doesn't - it's just the script running locally on your box which is printing your IP...
No, I had disabled all cookies and booted using a Knoppix
live CD (i.e. a completely fresh O/S) and the site actually
was able to query a DB on the back end which proved to me
that they were able to see my IP despite the proxy.

I checked with www.stayinvisible.com and there were no extraneous
HTTP headers which sent my real IP. I was thinking that maybe
I could use iptables to drop all the traffic except those
going to the proxy?

I had asked about this in another thread, but the iptables
rule just slowed my system down like crazy. I did not understand
why, probably because of timeouts?

Ilan
 
Old 03-04-2006, 05:28 PM   #5
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by ilan1
No, I had disabled all cookies and booted using a Knoppix
live CD (i.e. a completely fresh O/S) and the site actually
was able to query a DB on the back end which proved to me
that they were able to see my IP despite the proxy.
okay, but i'm not sure why you had to use knoppix, though...

Quote:
I checked with www.stayinvisible.com and there were no extraneous
HTTP headers which sent my real IP.
you mean directly or through the proxy?? cuz this kinda sounds like the proxy might be sending the X-FORWARDED-FOR header instead of omitting or spoofing it... unless you have control over the proxy i don't think you can do anything about that...

Quote:
I was thinking that maybe
I could use iptables to drop all the traffic except those
going to the proxy?
yes, this can be done...

Quote:
I had asked about this in another thread, but the iptables
rule just slowed my system down like crazy. I did not understand
why, probably because of timeouts?
well, i'm not sure... anyways, here's what your OUTPUT rules might look like if you wanted traffic to only go out to the proxy:

Code:
iptables -F OUTPUT

iptables -P OUTPUT DROP

iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A OUTPUT -o lo -j ACCEPT

iptables -A OUTPUT -p TCP -o $WAN_INTERFACE -d $PROXY_IP \
--dport $PROXY_PORT -m state --state NEW -j ACCEPT
i think you wouldn't need to use any DNS since your are using the proxy, right?? well, if you do need to be able to query your ISP's DNS servers then just append a rule for that:
Code:
iptables -A OUTPUT -p UDP -o $WAN_INTERFACE -d $DNS_IP \
--dport 53 -m state --state NEW -j ACCEPT
oh, and BTW: if you wanna see which connection attempts are being made by your box when you go into the website, just append a LOG rule to the end of the OUTPUT chain... this way you'll know for sure if the website was indeed getting your IP by triggering a connection:
Code:
iptables -A OUTPUT -j LOG --log-prefix "OUTPUT DROP: "

Last edited by win32sux; 03-04-2006 at 06:05 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
hosts.allow & hosts.deny question... jonc Linux - Security 9 03-05-2005 09:41 PM
Adding shell commands to hosts.deny and hosts.allow ridertech Linux - Security 3 12-29-2003 03:52 PM
hosts.deny question egarnel Linux - Security 2 09-15-2003 03:30 PM
hosts.deny and hosts.allow defaults? gui10 Linux - Security 5 12-20-2001 01:57 AM
hosts.allow / hosts.deny fistz Linux - Newbie 1 04-19-2001 07:00 PM


All times are GMT -5. The time now is 09:05 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration