MeatballWiki | RecentChanges | Random Page | Indices | Categories

One of the main methods of identifying a visitor to a website on the Internet is via their IP address. Consequently, a lot of effort to masking IP addresses has been devoted by those wishing to access the Internet anonymously. The first step is simply appearing to be visiting from a different IP address as one's own by using a proxy. The proxy forwards requests from the user's machine onto the server, and responses from the proxy server back to the user. Thus, the user appears to be coming from the proxy server's location.

While for very short sessions this may be adequate, for relatively long sessions or long-term use of a particular resource (e.g. repeated use of an OnlineCommunity), using a consistent IP address, even if it is not your actual IP address, creates a SerialIdentity that will be used to identify you. This is akin to being a cat burglar that leaves a calling card at every location. If you finally make a mistake and identify real self at one break-in, you will be charged will all your prior break-ins. If you had just not left a calling card, you may get away with only being charged for one.

Therefore, frequently use different proxies so as to make it harder to correlate independent transactions to a single identity. Because this strategy is used so often, switching between proxies is often automated with a RotatingProxy. In reality, a RotatingProxy is actually a full set of proxies. Incoming requests are automatically assigned to a new proxy for each transaction.

There are many such networks. The most common are based on:


In truth, most spammers today use RotatingProxy attacks. The easiest defense is the EditHash.



MeatballWiki | RecentChanges | Random Page | Indices | Categories
Edit text of this page | View other revisions