[proxyTools-users] add proxies, anon browsing (was: Re: Some more questions + What should I do next )

[wayne <wa...@ny...>]

> From: xxx again
> Subject: Some more questions + What should I do next 
> To: wayne <wa...@ny...>
> 
> Dear Wayne
> 
> Thanks a ton for all the time and effort
> 
> >
> >[....]
> >
> >The biggest problem seems to be for people to
> >be able to use WinCVS properly :-(
> >
> >Truth is, it's so simple, I'll probably add
> >code to do it for the user one day. A button
> >to press which gets at least the latest proxy
> >database, and probably the new code too.
> >
> 
> Is there a way I can update selected files without knowing CVS?. 

Yes, but you often need to get more than one. Fixes in one often 
depend on modifications another. For example, recently, the new 
versions of statProxy have required the corresponding version of 
the library (Wlib.pm).
Current versions of most tools would fail if you tried to use 
them with an older/newer WLib.pm.
OTOH, it's almost always true that you could just get the latest 
tool you want *and* the latest WLib.pm and the combination would 
work (but the older tools would then be broken).
I think it's always been true that new data files (hosts.zip, and 
all the *.xml files) could be updated without problems (but can't 
guarantee that will always be true).

Best to just get the lot.

> I visited the Win CVS site but I am no wiser. Same again with CYGWin
> which you mentioned in another post. I haven't yet checked javaCVS
> "Hat" suggested. But I am not very sure if I can use CVS
> 
> So..Is there a way I can update selected files without knowing CVS ?

This is an FAQ; press the help button :-)
Or double-click readme.html.

Your web browser can get them for you. *.pl, *.pm, *.zip files are 
easy, but people seemed to have trouble with *.xml files. The 
browsers want to display them, rather than download them :-)
Sorceforge doesn't help with all their complicated CGI stuff either.

[...]

> >> >If you copy config-UAE-dialup.xml to config-xxx.xml and restart the
> 
> >> >both GUI and backend LP, you can select that config for your own 
> >use.
> >> >
> >> 
> >> The way I started  ..
> >> - click on Local proxy.pl file and wait for the GUI to come up. 
> >> - choose UAE-Dial up in the config box 
> >> and 
> >> - click "start Services". 
> >
> >That will do, the copy is nice because you
> >know that you can CVS, or unzip a new release
> >in the same directory and it will not get
> >overwritten. Your secret proxies are safe.
> >
> 
> Can't I download and un zip any config file once again? The reason I
> ask, I am afraid that I've copied *to* config-xxx more than once
> already (-:

Is that an Arabic (right-to-left) smiley? :-)

Sure you can. And you should whenever I change them.
config-xxx.xml, however, is your own and won't be in CVS, so the proxy 
info you have merged into that is guaranteede to be safe.
If you merge that info to one of the distributed config files, 
downloading a new version would lose you all that info.
Hence, my recommendation to make that personalized one.

> >> I had some 600 + proxies in a file ! The above command is taking
> quite
> >> some time with that file !!. Though I'm occassionally checking that
> it
> >> hasn't gone for a hang, it has taken some hours !!
> >
> >The new version (CVS) is quicker, but it is
> >designed to evaluate the proxy capabilities
> >properly. Most scanners just check if they
> >can connect. SP has 18 tests to do on each
> >proxy as specified above.
> >
> >To just get a list of working proxies, try -t
> >0 instead of -t all:-18

I should have elaborated here.
-t all means the same as 
-t 0:1:2:3:4:5:6:7:8:9:10:11:12:13:14:15:16:17:18
(i.e. all the tests), test 18 is a Socks4 test, so 
-t all:-18 just removes that one.

> Is there a way to get this "new version" without knowing CVS ?

FAQ.

> In retrospect I am happy that you were NOT testing proxies
> simultaneously (is that parallel ?) I am sure that web masters may
> complain if that 600 hits in 20 secs happens 

Webmasters at each proxy would only see one connection (per test), 
so that's not the problem. The problem is that each test uses a 
reference service (e.g. test 0 actually gets www.panix.com's main 
page). That means that www.panix.com's webmaster would see 600 
requests within a few seconds from proxies all over the world!
He would notice that (!). Some (many) of those proxies would 
pass your address through to his logs. His possible followup 
complaint to your ISP might be acted upon :-(

> Further from the next post I understand that you have implemented
> parallel testing

Not really, parallel *connection* testing only so far.
This is used so that the alive/dead/inaccessible nature of all 
proxies is determined in a few seconds before any test is done. 
A lot of time is saved because SP doesn't need to wait a 
timeout for many proxies tested then.

> So what is your recommendation, continue with the old version of stat
> proxy for users in countries with a short fuse ?

The new one is as safe as it ever was, I think.
Your local ISP may notice the 600 connections, but there are 
various reasons why that's not so likely to cause problems.
On a Windows box, 600 at once always fails, so they are spaced 
in groups of however many your system will do at a time (50-60 
for Windows 95/98/ME and 124 on win2k, depending on how many 
are already used by other parts of that system). Unix systems 
are more capable (and hence more dangerous).

> >> How often does one run this ? 
> >
> >On a file like that, once a year (in fact, I
> >often throw such files away after the initial
> >run). 
> >
> 
> ok
> 
> >
> >Therafter, you run it on your config
> >file where you have merged the good ones from
> >that list.
> >
> 
> Sorry didn't understand. Is that to take care that proxies once tested
> are working on agiven date / time ? 

Yes. 
And to average recent results together, so you don't make the 
mistake of disabling a proxy just because it was down for an hour 
when you did the tests.

The point to understand is that they are in your config file in a 
format that SP can understand, so running SP on the config file tests 
the ones in there. No need to test the big list again (unless you 
think that one was down when you did that test and is up again 
later). 

> But my partial understanding doesn't matter at this stage. 
> 
> **Could you please give me the command for the above test and I'll run
> that **

perl statProxy.pl -t all:-18 -l config-xxx.xml
followed by the usual mergeHosts operation.

You might see it test some odd things like ccnews.thu.edu.tw:119.
This is because that looks like a proxy to SP. The tests on that 
will fail, and mergeHosts will leave it alone.

> >> Proxies come and go often. Proxies live now are dead later in the
> day
> >> and come back next day and so on. If this checking is taking time
> how
> >> do I check often ? 
> >
> >It runs in the background, so no problem.
> >
> >I often split the files into smaller ones and
> >check a new one each day.
> >
> >But your checking time is better spent on the
> >ones that localProxy is selecting for it's
> >build. You can get those by copy and paste
> >from the GUI layer 0 windows, or you can
> >click 'Save running configuration' and then
> >test the ones localProxy found to be bad
> >(after browsing for some time) in localInfo-
> >saved.xml, or after shutting down LP, you can
> >test the 'last' configuration in config-
> >last.xml, or ...
> >
> >These approaches are better because LP does
> >most of the ch most of the checking for you,
> >as you browse. Remember it can be fed a heap
> >of bad proxies and still browse ok. It's
> >designed for it.
> >Also it's safer for the average user to *not*
> >test htest huge bunches of proxies.
> >
> >China, KSA etc. are not known for their
> >friendliness to users when complaints are
> >received from proxy owners.
> >
> 
> By now you know where I am !! So What about the place I am in ? 

Dunno about the policies of a place like that.
You would know better. Have you heard of anyone getting any kind 
of reprimand for network 'abuse' at all?

> >And one more excuse :-)
> >
> >When I was adding the parallel testing code
> >in the latest version, I thought about doing
> >each test in parallel too, but decided the
> >connection (alive or dead) test was enough.
> >Any more than that means hitting a web page
> >with 600 hits in a few seconds from the same
> >address for exactly the same url - they tend
> >to notice such things :-)
> >
> 
> **
> Oops!. I suppose that 600 hit stuff is NOT there the September 4th 2002
> version also ? Please reply ASAP. 
> **

It's not there in *any* version.
It will never be. If I add something like it, it will be disabled 
in the 'safe' mode in which SP runs by default. The user needs 
'-u' to explicitly turn 'safe' mode off.

> >LP needs (well, uses) the speed of the proxy
> >and that can only be found by downloading a
> >fixed reference page (currently
> >www.panix.com). And that's just for test 0!
> >
> 
> are these panix guys known to you ? else 
> - lots of first time testers **may** get into problem with their
> respective countries / ISPs
> (or) 
> - Panix.com website could get some award on the most visited website of
> the year :-) 

Sure, but see above.
Panix is also a place where a complaint to your ISP would be 
absolutely the *last* resort. 

> >> I suppose the sequence is 
> >> 
> >> 1. copy config-UAE-dialup.xml to config-xxx.xml 
> >> 2. perl statProxy.pl -t all:-18 -l listOfProxies.txt > results.txt
> >> ( 1 and 2 may be independant of each other. I didn't mean a
> chronology
> >> too ) 
> >
> >That's ok, but after you copy the config
> >don't copy it each time or you end up with
> >only the latest test results in it.
> >
> 
> my doubts already mentioned 

I meant, don't overwrite the current version all the time by 
copying the distributed xml. You keep the info in there.
If I ever make a mod to the distributed config which must get 
propagated to any user configs, I'll mention it somewhere.

[...]

> I have downloaded the september 4th 2002 version. Please confirm that
> it is safe to run all 18 tests on proxies from where I live

It's never 'safe' to run proxy tests, but many of these are things 
that your browser might do by itself. I could construct a web page 
on the net, which made your browser do the same things.
You have (fairly) plausible deniability :-)

> Say If I start with the "proxies on uncommon ports" posted to the list
> ?
> 
> What would be a reasonable number of proxies to test where I live ? 
> 20 ? 
> 50 ? 
> 200 ? 

Hard for me to say since it depends on how obnoxious your ISP is, 
and how likely they (and your institution) are to act on complaints.
Proxy testing is always like this.

[...]

> >> Will send you the results.tx file by seperate mail
> >
> >The log files are instructive. My comments on
> >them tell everyone how to see LP is working
> >(or not!).
> >
> >About the only reason to do that is if your
> >proxies are secret. Your own address probably
> >should be munged (it sometimes appears more
> >than once in the log, where LP thinks you
> >might have been disconnected).
> >
> 
> Thanks for anonymising the post. You had done it better than I had
> realised. I agree that I should exercise much more caution 

I'm not so sure you do.
I've seen accidental posts to a list we *knew* the Middle East 
censors were subscribed to, which revealed users email addresses 
and IP addresses. Nothing ever happened as a result.
You can be almost 100% sure that your ISP and your institution 
are not watching the proxytools-users list!
Remember the archives though, so you don't have deniability if 
they ever *do* have a reason to look. The idea is never to give 
enough reason for them to make that much effort. You'd need to 
make the headlines before anyone would go that far.

Anyway, to reduce the load on me, I'd appreciate it if you 
subscribed from an address that was safe and we conducted this 
discussion on the list. It's easy for you. Here's an example:
1) go to http://www.sneakemail.com/
2) sign up
3) make an email address for the list 
4) subscribe to the list with that address
5) send your messages from the sneakemail web page
Everyone should know about this kind of thing to be able to reduce 
the spam in their inboxes anyway. You can even find out which place 
is selling your email address to the spammers by using certain 
addresses for specific lists, signups etc.

Here, the only risk is that sneakemail would give your real email 
address (they have it so they can forward the sneakemail from 
the list to you) if they were issued a subpoena. Again, a low 
profile will avoid that. 

[...]

> Also on the mail on the test results
> 
> Let me check and find out how those strange proxies were selected by
> LP. May be they are available to me somehow.. but I don't know as of
> now
> 
> ******************
> 1) What should I do at this stage (say testing merging etc.) ?
> 2) Could you please give me a list of commands ? (i.e.) for some one
> who has run his first test and merge but wishes to test more + merge
> more + surf & web mail anonymously as far as possible 

Anonymously (the web sites don't get your address), or privately (your 
ISP doesn't get your address)? The latter is much harder and requires 
encryption. 

> 3) I have more questions to ask on the other mail (on how to surf
> anonymously - without the admin knowing etc.) 

Ahh, see this is 'privately'.

> Would be helpfull if you
> send me an exact list of commands for surfing anonymously with LP

LP won't do it by itself.
You need encryption at your end and decryption at the other end.
Web sites and proxies don't normally do it.

> ******************
> 
> THANKS in advance !
> 
> >
> >> Best Regards
> >> 
> >> xxx

--
wa...@ny...
http://proxytools.sourceforge.net/