Security Basics mailing list archives
Re: Anonymous Proxy Web Surfing
From: phani () myrealbox com
Date: Fri, 20 Dec 2002 10:19:59 +0530
On Wed, Dec 18, 2002 at 12:03:29PM -0600, Jason Jaszewski wrote: hi,
Say I want to surf the web using anonymous proxy servers around the web. I have encountered several Windows apps that will bounce traffic to different proxy servers around the Internet. I understand how this works, however, I am wondering about the security of it. Say a user wants to authenticate with web mail, such as hotmail. When he or she authenticates with hotmail, that traffic would also pass through the anonymous proxy servers. I assume this can/does lead to someone getting password and username information from the data that goes through the proxy server, in a way using a proxy server to collect this sort of information from consumers who don't know any better, but were informed by someone that this "anonymizes" Internet surfing. Just how good are these anonymous web surfing applications/services in this respect? I am asking from the standpoint of using this to add another level of security to an otherwise tight system.
what u hv mentioned is indeed true. the passwords *can* be sniffed, but if the servers provide a secure (https) transfer of atleast the password, then the user is saved. But then there is this issue of the user-id. If the user id is transfered in clear text then there is this problem of spam. I dunno if the user name is sent out in clear text or not. But of what I v sniffed of yahoo's transmissionit looks that the user id is not sent across. May be some1 more knowledgable can clarify hth phani
Current thread:
- Anonymous Proxy Web Surfing Jason Jaszewski (Dec 19)
- Re: Anonymous Proxy Web Surfing Nuno Branco (Dec 20)
- RE : Anonymous Proxy Web Surfing Nicolas Villatte (Dec 20)
- Re: Anonymous Proxy Web Surfing phani (Dec 20)