Identifying real IP
Identifying real IP
Is it possible to locate the real IP address and thus location if someone uses a proxy or TOR?
Re: Identifying real IP
Not really. Only the proxy knows what the originating IP is.
Re: Identifying real IP
How will you know if it comes through a Proxy?
Re: Identifying real IP

Well, there's lot of ways to finger at you. Proxy or VPN or whatever is good against little thugs and amateurish spooks



-
- Active Member
- Posts: 336
- Joined: Sun Dec 23, 2012 5:47 pm
- Location: Minneapolis, MN
Re: Identifying real IP
Yes, it is possible but not commonly used. I only know of one commercial service that can trace back through even multiple proxies and I think VPNs. The commercial service provides online retail sites with a way to assess if a visitor is who they say they are or not.
I would say in this day and age, only about 1 percent of the people that think they can hide online really can. All the others are misled in thinking using one or two proxies will keep them safe.
I would say in this day and age, only about 1 percent of the people that think they can hide online really can. All the others are misled in thinking using one or two proxies will keep them safe.
Re: Identifying real IP
There are proxies, that tell you about who is using it (in the request header) like f.e. or drop clues, that a proxy is being used like:
And there are proxies, that do not tell you anything about them being a proxy or who originated the request.
Code: Select all
X-Forwarded-For: <originating ip address>
Code: Select all
X-Proxy-ID:
Code: Select all
Via:
Re: Identifying real IP
Maxi,
Request Header? If it's a hint, then YES. BUT it's can be easily "faked" or "omitted" to fool the amateurs.
Request Header? If it's a hint, then YES. BUT it's can be easily "faked" or "omitted" to fool the amateurs.
Re: Identifying real IP
Many things could be faked. That does not mean they usually are.Request Header? If it's a hint, then YES. BUT it's can be easily "faked" or "omitted" to fool the amateurs.
If something is being faked, there usually is a reason for doing so.
"to fool the amateurs" or maybe rather "to fool your friends" or "to win a bet" may be your "reasons"
to masquerade as a proxy while connecting to some site [of your friends]...
Testing a proxy one plans to use can give more certainty on how it would behave.
Find a way to get to the headers on the receiving end - f.e. request something from your own server
and you will see how much of your data it revealed.
Re: Identifying real IP

The Req.Header
Code: Select all
GET http://xxx.com/forum/ HTTP/1.1
Host: xxxx.com
Proxy-Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4,vi;q=0.2
Cookie: faceLike=liked; xf_user=24670%2Cf079547d3014ed56f448688fb3e653235ee220b1; xf_session=719383846a62ee57986dcdc8c12de597; countrytabs=0
If-Modified-Since: Sun, 10 Aug 2014 08:07:24 GMT
Code: Select all
Proxy-Connection: keep-alive
Code: Select all
GET /forum/ HTTP/1.1
Host: xxxx.com
Connection: close
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Opera/9.80 (X11; U; Linux i686; en-US) Presto/2.9.168 Version/11.52
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4,vi;q=0.2
Have nice day.