Security for Home and SOHO Computer Users Proxy Report

For your browsing safety, we strongly recommend: turning off javascript and cookies.

Don't accept ActiveX controls or VBS scripts.

Background:
I have tried programs which uses free proxies on the web to help anonymise the web browsing experience. This means not giving your IP address to inquiring web sites. However, not all free proxies are equal. Some filter content, and some are very slow. Some are up one day, and down the next. So, you need a list of 200-300 proxy addresses to make it work efficiently. The best one of these today is the excellent MultiProxy program.
I have also tried going to web sites which host anonymous surfing from their sites, but I consider that an unnecessary step. I just want to surf from a bookmark, for instance. So, those sites are not an option.
Now, maybe you could chain two proxies and become very anonymous!

Nowhere on the net did I find a free Socks proxy server.

I recently had the opportunity to try the fee-based proxy from LockDown Corp.

My experience was trying their anonymous proxy service, as well as, their Socks v5 proxy.

I received a password and username, and proxy addresses.

The first one I tried was the standard proxy. It was easy to do, just change my proxy setting to reflect the LockDown proxy. I was asked for a password and username before I could access the proxy. Once given, I surfed for the next 5 hours. Part of the surfing was going to proxy, and environment variable, checking web sites.

I was impressed!
1. There was no noticeable difference in speed (no slowdown at all).
2. All web sites visited were as they were before using the proxy.
3. If I surfed to a non-existant web site, a good error page came up, even with an email address to contact.

The checking sites were interesting.
They showed, without exception, that my IP address wasn't there. It showed the proxy address; even the X_Forwarded_For did not show my address, and it is usually not fooled at all.

So, the next step was to try the Socks v5 proxy server.
Well, that was a little more involved.
I downloaded the free Socks client application (SocksCap Ver2.1) from NEC (you need something to communicate to a Socks server).
I just followed the directions and in very little time it was installed and Netscape was "socksified". You have the opportunity to put the username/password combo into SocksCap and it also allows for environment variables so that you only have to do it once.

So I surfed and it was even better that their great standard proxy. Very secure, and even less info being passed to inquiring sites.

As an example, I went to Panix (no longer available, use Netspy ) and excerpted here are some of the important things to look for:

Using Socks proxy

REMOTE_ADDR: 216.41.20.13
HTTP_X_FORWARDED_FOR: 216.41.20.13, 166.84.143.28
HTTP_VIA: 1.0 squid2.nyc.access.net:3128 (Squid/2.3.STABLE3), 1.0

No, the IP address is certainly not mine! Notice that there isn't even a mention of "unknown" under X_FORWARDED_FOR.

Then I went to All-Nettools and only 2 items showed up!
REMOTE ADDRESS (same address as above)
REMOTE HOST (same address as above)

Using proxy - no Socks

Panix (no longer available, use Netspy ) web site:
REMOTE_ADDR: 216.41.20.120
HTTP_X_FORWARDED_FOR: unknown, 216.41.20.120, 166.84.143.28
HTTP_VIA: 1.0 proxy.lockdown2000.com:8080 (Squid/2.3.STABLE1), 1.0 squid2.nyc.access.net:3128 (Squid/2.3.STABLE3), 1.0 squid1.nyc.access.net:3128 (Squid/2.3.STABLE3)

All-Nettools web site:
Coming from [HTTP_X_FORWARDED_FOR:] unknown
Came via [HTTP_VIA:] 1.0 proxy.lockdown2000.com:8080 (Squid/2.3.STABLE1)
Remote addr (same address as above)
Remote host (same address as above)

"unknown" above, is you - now anonymised.

What is really interesting, is that using Socks gives you even more privacy, than the standard proxy.

The only minor item is when you start your socksified (using SocksCap) browser it takes about twice as long to startup. The web surfing is not affected at all.

Interfacing SocksCap into my network environment was not as difficult as first imagined.

My system is set up like this - before SocksCap

[Browser]----[Junkbusters]----[Proxomitron]----[Anti-virus/trojan]----[AtGuard]----[ISP Proxy]----[Internet]

After SocksCap

[Browser]----[Junkbusters]----[Proxomitron]----[SocksCap]----[Anti-virus/trojan]----[AtGuard]----[LDProxy]----[Internet]

Why did I want to keep the other items between the browser and SocksCap? Because they are filters - cookies, javascript, popup killers, certain http headers changed or deleted, etc., proxy forwarding - giving me much more control over what my browser really "sees" - and what it sends back to the web site.
So, I had to have it work together - and it does!
I consider myself to be a bit of a power user and have been surfing the net for six years. I average 4-5 hours per day. I've seen many, many programs or sites that offer the world, or even a part of it, but just don't deliver. I've come across many programs which are excellent and do a job well. Many of these terrific programs are described on other pages at this site. I believe LockDown's Socks proxy server fits into the "one of the few great programs or services" offerings on the net.

To sum up, the LockDown Socks proxy server provides excellent, stable, anonymous surfing. Quite frankly, I wouldn't surf without it now!

There are no links for anti-virus or counter-trojan programs, as there are so many available.
There is no link for the rule-based AtGuard firewall because it is no longer available. The AtGuard engine is incorporated into the Norton Internet Security program. There are many firewalls available.
So, personal choice and experience would dictate your choices.

Also, check your own ISP's proxy. You would be amazed at how much info is passed along. Or, shudder and horror, perhaps you are surfing direct (no proxy at all)?

If you are using Internet Explorer, you will need additional security resources. Please see the Security page or the FAB-Software page for more info.

If you think your browser is safe, try this site: Finjan Software - Security Testing Center.

You can read the original article here.