How to hide ip address?

[chee]

it's well known that Unix/Linux could hide the ip address of a pc by "mask" its ip. but how could win xp manage to hide ip address without using a third-party application.

it seems that most such applications will use a proxy scheme, obviously such scheme will slow down surfing speed if the target proxy does not have a broad band to share, is there a more direct way?

thanks

[LLXX]

it's well known that Unix/Linux could hide the ip address of a pc by "mask" its ip. but how could win xp manage to hide ip address without using a third-party application.

What?

[chee]

say, when you open a webpage, your ip address will show on that webpage.

then, how to hide your ip address?

[McTavish]

I can’t see how the Unix/Linux thing could work other than for individual computers in a network. The last computer out of a network can’t hide its IP.

Don’t know of a way other than with anonymous proxies, but even then you have to make sure your own computer is also not sending it out in the browser headers. You have to kill active content or filter your headers.

You could spoof a Forwarded header in your requests so that it looks like your real address is a proxy and the spoof is your address. But if it’s just for privacy reasons while browsing, you’d be better locking down what leaves your own computer rather than worrying about your IP.

[ColdFusion200]

its impossible to hide you're ip address. it needs to be reported to the server correctly so it can send the data back to you. even if you use a proxy server, the proxy server will still have you're ip address

[chee]

thanks for all your replies

indeed unix/linux has an ip mask function that hides ip from a requesting webpage.

[McTavish]

Still can’t understand how that could work, a website must have a real address to forward its data packets to. If you give it a fake one, you don’t get the web page.

If you have a dynamic IP address – even one that only changes rarely – then all that can be discovered from your IP is who your ISP is. If anyone wanted to find out more from this they would have to contact your ISP and ask them. If they are not a law enforcement agency then they will be told nothing. So unless you are breaking the law then you have nothing to worry about websites seeing your IP.

It’s the information that your own computer gives out that can be used to identify and profile you. Requests can be sent back to your IP address asking the computer there to identify itself. Active content in the webpages can lift details about you from your machine and send it out. As long as your machine is locked down then just an IP address means nothing.

Even using an anonymous proxy is pointless if your computer is betraying you. This site uses a small script in it’s web page to read your true IP off your system and send it back as part of a browser GET header.

[LLXX]

You could spoof a Forwarded header in your requests so that it looks like your real address is a proxy and the spoof is your address. But if it’s just for privacy reasons while browsing, you’d be better locking down what leaves your own computer rather than worrying about your IP.

Yes, pretending to be a proxy (and then using a proxy on top of that) is going to be one of the easier ways to cover the "real" origin i.e. your machine...

[Tinctorius]

Have you guys ever heared about Onion Routing? That technique might actually help in this case. One of the networks using this technique is Tor.

However, I think that masking your IP is not a very useful option to ensure your privacy and security. Knowing what you are doing already helps much more than using proxies, virus/spyware scanners and firewalls. As McTavish says, just make sure that your computer doesn't do anything funny.

Even using an anonymous proxy is pointless if your computer is betraying you. This site uses a small script in it’s web page to read your true IP off your system and send it back as part of a browser GET header.

That's not true. That information doesn't come from the GET-header, it comes from Apache, which gets it's information from the operating system that reads the packets. If those packets come from an anonymous proxy, then the proxy's IP will be on it. Your browser doesn't have anything to do with it. Anonymous proxies can completely hide your IP. Okay, except for the cases some script determines the client's IP address client side (I wonder if that's even possible in normal JavaScript...) and sends it to the server.

[McTavish]

Ok it's not doing it now, but i can assure you it used to, as I can record and view the outgoing headers in Proxomitron. I suppose I should have checked before I posted it. Perhaps they just stopped doing it that way, or perhaps IE has closed the door it was using. I've seen all sorts of things in the GET headers - including my email address. That was before I had a filter in place.

[ringfinger]

The Onion Routing wiki looks pretty interesting..