How to tell if a proxy is good?

How do you know if the proxy your using (ninjaproxy.com, proxy.org etc) is not giving away your real ip address, and is actually secure to use and keeping your information private??

Whats the best way to use a proxy and actually keep your information hidden and not viewable by a website? I know you can chain them together but have you ever tried that?…. not fun.

And as far as TOR the firefox addon, how does it work? Does it circle through a list of known good proxies? Does it work well enough to use for testing security and not revealing my real ip address? Is it better than using a cgi proxy like the ones mentioned above?

Almost all proxies will mask your ip address, an easy way to check would be to a site like www.ipchicken.com or whatsmyip.org and see if it's your actual ip being broadcast. I'm almost positive your UserAgent info wouldn't be changed by a proxy.

A great site that's either dead or down right now is http://nmapyourself.com/ , it allows you to do an nmap scan on your own pc over the web, good way to see what other people would see.

As for TOR, that's one of the best solutions out there. Read up on it if you want to know more. Although it is slow. It's much better than a fly by night cgi proxy server, if you can handle the setup and speed issues, it's your best bet.

The easiest way to find a scam is a simple Google search. I have actually been saved from scams by Google searching, but this depends on people A: finding the flaw, and B: warning others about it.

As far as giving out your info, do you mean to other average people, corporations or the government? Anyways, I think one of the best ways to protect that kind of information is to find an open network and connect. If I want to become invisable, I'm not going to delete everything, I'm going to become joe shmoe.

If you act suspicous or like an anomaly, people might get curious. And normal people do not use complex things like encryption, or route through slow proxy chains. Personally, I have the common scense to not share passwords and user names, but I don't do much more than that for a reason.

Well if you are using Firefox I strongly suggest you use the add-on "User Agent Switcher". Make a new agent and make sured you change what the default platform says. I set mine to "Unknown." Thats what I suggest you do so your platform isn't released. Safer than sorry. Then if you go to IPchicken.com it will not know your platform if oyur agent is on. And I agree I am not going to jail. Well. To work. Peace.

Infam0us wrote: well, let me tell ya. I don't wanna go to jail, lol. Even though I am just trying to help, alot of people wont appreciate snooping around and trying to find sql injection flaws etc.

i wasnt aware that was illegal.

No sir, they are completely legal. They are meant to protect your privacy.

ynori7 wrote: [quote]Infam0us wrote: well, let me tell ya. I don't wanna go to jail, lol. Even though I am just trying to help, alot of people wont appreciate snooping around and trying to find sql injection flaws etc.

i wasnt aware that was illegal.[/quote]

Its illegal to test the security of ANY website or network without the owners full permission.

Very true. And that is why anonymity is such a great thing.

Ok let me ask my question like this then.

If you were to try and 'test the security' of a high profile website such as http://fbi.gov, what would you use as far as proxies to ensure your real ip wasn't discovered?

Infam0us wrote: Ok let me ask my question like this then.

If you were to try and 'test the security' of a high profile website such as http://fbi.gov, what would you use as far as proxies to ensure your real ip wasn't discovered?

Ever heard of leap frogging? Your IP can always be traced back to you, and if you attack FBI.GOV, it would only be a a matter of time before the found your true IP.

I suggest getting something portable, and go wireless hunting.