MeatballWiki | RecentChanges | Random Page | Indices | Categories

One of the most common implementations of OpenProxies intended to act as an AnonymousProxy is in a ring. If you have a set of open proxies, P[0..N-1], when you ask proxy P[i] to make a request on your behalf, it will make the request from P[i+1 mod N]. Actually, in practice, the proxy ring is usually behind a RotatingProxy interface, so that the user actually makes a request from P[rand(0..N-1)] each time.

The purpose, presumably, is to make it harder for a target site to detect the OpenProxy. If the target attempts to scan the OpenProxy by asking it to GET a given verification URL, the handler for that URL will not be able to match the incoming IP address to the given OpenProxy being checked.

In practice, however, this is totally useless. All you do is make the verfication URL handler automatically ban the requesting IP, and then start a new OpenProxy scan on that IP. Eventually, you will scan and ban the entire ring.


     IF ip is not already scanned or banned
         FOR EACH port in PORTS, where PORTS is the set of potential OpenProxy ports
            make an HTTP proxy request on ip:port for the self-ban URL
         END FOR EACH
     END IF

 SELF-BAN, the handler for the self-ban URL
     ip <-- REMOTE_ADDR


MeatballWiki | RecentChanges | Random Page | Indices | Categories
Edit text of this page | View other revisions | Search MetaWiki