1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What tool do companies use to detect anonymous elite proxies?

Discussion in 'Black Hat SEO Tools' started by chocolatemonkey, Apr 27, 2011.

  1. chocolatemonkey

    chocolatemonkey Junior Member

    Joined:
    Dec 20, 2009
    Messages:
    197
    Likes Received:
    29
    This has always confused me... how do companies like ****** and the like detect proxies even though they aren't detected as a proxy on sites like whatismyipaddress.com? They claim to have a "daily" updated proxy list, but I haven't a clue where they get it from. I've searched to no avail...

    Seems like an excellent way to protect against affiliate fraud too.

    Any idea where they're pulling it from? Because its a very accurate list.
     
  2. reinrein

    reinrein Regular Member

    Joined:
    Feb 8, 2008
    Messages:
    443
    Likes Received:
    343
    Home Page:
    I dont think there is such a thing. If people uses illegal proxies from zombie computers, I doubt theres a way to detect it. They might be detecting fraud by evaluating many things, not just ip.
     
  3. chocolatemonkey

    chocolatemonkey Junior Member

    Joined:
    Dec 20, 2009
    Messages:
    197
    Likes Received:
    29
    I'm not talking about zombie computers or anything illegal like that. I'm talking about private proxies (which you can get on this forum) that don't appear as a proxy on most proxy checking services, yet these companies have some kind of tool that can detect it.

    If they didn't, they'd already be out of business.

    From their site:

    Where are they getting the list from? I assume its from some kind of paid service?
     
  4. thevil

    thevil Junior Member

    Joined:
    Aug 17, 2010
    Messages:
    190
    Likes Received:
    189
    Identify Proxy Headers like HTTP_X_FORWARDED_FOR, HTTP_VIA, etc...

    Known proxy host names like cache, server, proxy etc...

    Match ip with known proxies (companies can easily code a spider to grab all public proxies) or running them against a blacklist like SORBS

    Port scanning known proxy ports, 3128, 80, 8080, 1080 for a open connection.

    GeoIP - Geolocation (for commerce)

    More advanced detection uses
    Softblocking known ip address classes (block ips from known providers or webhosts like theplanet, etc... while semi-whitelisting only ISP IP address blocks like comcast/time warner ip range)

    Java or ActiveX / user side scripts to grab your true IP.

    Cookies - depending on if the proxy relays information or keeps it



    Bottom line is that you can pretty much tell whos using a proxy or not, Elite or not. Elite is just a overused hyped up phrase that providers are using now in days. Back in my days, elite proxies referred to a class of proxies that did not spill your true ip nor give any proxy headers as well as not being able to DNS them, so you could not resolve them to a hostname, because hostnames give off alot about if youre using a proxy or not.
    In reality, almost all their proxies are going to be abused. Thats the reason why people get them. There aren't enough ip4 addresses to go around to keep all those IPs off the public or private proxy lists, so eventually ALL proxy ips are going to be burnt out, while the blacklists grow. The only true way to have 'elite' proxies is basically do it illegally (through viruses/rat) PERSONALLY, because if you don't there is no way of knowing who your provider handed them out to before.
     
    • Thanks Thanks x 1
    Last edited: Apr 27, 2011
  5. StarSurfer

    StarSurfer Newbie

    Joined:
    Nov 26, 2011
    Messages:
    9
    Likes Received:
    0
    If one wants to look at port scanning, what technique is used to determine which ranges to scan